On August 7, 2024, the 6th Circuit upheld a Chinese spy’s twenty-year prison sentence for attempting to steal aviation trade secrets from General Electric (GE). Yanjun Xu, a deputy director in China’s Ministry of State Security, was responsible for trying to steal aviation-related proprietary information. He spent years inviting Western aviation experts to China, attempting […]
Cybersecurity
Dutch Data Protection Authority Warns that Using AI Chatbots Can Lead to Personal Data Breaches
On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots. In its guidance, the DPA reports that it has recently received several notifications of personal data breaches caused by employees sharing personal data with a chatbot that […]
CISA and JCDC Conduct First-Ever Public-Private AI Security Incident Tabletop Exercise
On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) collaborated with the Joint Cyber Defense Collaborative (JCDC) to hold the federal government’s first tabletop exercise for “AI security incidents. JCDC led the exercise and, true to JCDC’s public-private partnership model, included over 50 participants from various government agencies and private-sector companies. For those […]
SEC Settlement Suggests the Agency’s Attempt to Regulate Cybersecurity Controls
On June 18, 2024, the SEC announced a $2.125 million settlement with R.R. Donnelley & Sons Co. (“RRD”) related to the company’s 2021 ransomware attack (the “Incident”). The settlement, and the SEC’s accompanying cease-and-desist order (the “Order”), portend the agency’s continued and increasing oversight over registrants’ cybersecurity policies and practices. Background RRD is a global […]
DOJ Announces $11.3 Million in Settlements for FCA Violations
On Monday, June 17, 2024, the Department of Justice (DOJ) announced a settlement in which two U.S. based consulting companies agreed to pay a combined total of $11.3 million to resolve allegations that they violated the False Claims Act (FCA) by failing to comply with cybersecurity requirements in government contracts. According to the DOJ, the […]