In early October 2025, several media outlets reported that United States telecommunications services had been infiltrated by state affiliated threat actors linked to the People’s Republic of China (“PRC”). These reports were followed by a joint press … [Read more] about Congressional Research Service Report Sheds Light on October Telecommunications Attack by PRC-Linked Threat Actor
The New York Department of Financial Services issued a cybersecurity advisory on November 1, 2024, regarding a growing threat posed by North Korean operatives seeking remote IT roles at U.S. companies. These operatives secure jobs at prominent … [Read more] about Combatting the New Insider Threat: North Korean IT Workers Posing as Remote Employees
On October 24, 2024, in a long-awaited decision in Vita v. New England Baptist Hospital, Massachusetts’ highest court snuffed out an attempt to use the state’s 1968 Wiretap Act to impose liability on a hospital system for its use of third-party … [Read more] about Massachusetts Top Court Torpedoes Website Analytics Wiretapping Class Action
On October 11, 2024, the Department of Defense (“DoD”) issued its Final Program Rule for the Cybersecurity Maturity Model Certification (“CMMC”) Program. The Final Rule is a signal to federal contractors to develop compliance programs pertaining to … [Read more] about Summary of Changes from DoD CMMC Proposed Rule to Final Rule
The SEC has released its Examination Priorities: Fiscal Year 2025 (“Examination Priorities”), which may be a useful roadmap to SEC-registered investment advisers, exchanges, and other entities subject to routine examination by the SEC Division of … [Read more] about SEC 2025 Examination Priorities Indicate Sustained Focus on Cybersecurity & Data Protection