Category: Commentaries and Analyses

SEC Charges Software Company Blackbaud Inc. for Misleading Disclosures About Ransomware Attack That Impacted Charitable Donors

Posted on by Dissent

Washington D.C., March 9, 2023 — The Securities and Exchange Commission today announced that Blackbaud Inc., a South Carolina-based public company that provides donor data management software to non-profit organizations, agreed to pay $3 million to settle charges for making misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers. The SEC’s…

Read more

EPA Requires States to Address the Cybersecurity of Public Water Systems

Posted on by Dissent

Ashden Fein, Micaela McMurrough, Caleb Skeath, and Matthew Harden of Covington & Burling write: On March 3, 2023, the United States Environmental Protection Agency (“EPA”) published a memorandum requiring states to evaluate the cybersecurity of operational technology used by public water systems (“PWSs”) “when conducting PWS sanitary surveys or through other state programs.”  EPA’s memorandum “interprets the…

Read more

Co-Working for the Ransomware Age: How Hive Thrived

Posted on by Dissent

Mathew J. Schwartz reports on how Hive blossomed as a business enterprise by co-working, or incorporating smaller victims and teams from Conti. Read his report with insights provided by Yelisey Bohuslavskiy, chief research officer at New York-based threat intelligence firm Red Sense. It makes for a fascinating read.

Read more

After newest data leak, lawyers say time for Putrajaya to give up PDPA immunity

Posted on by Dissent

R. Loheswar reports: Continued breaches exposing Malaysians’ private information at government agencies meant the Personal Data Protection Act (PDPA) should be amended to finally make these accountable, said legal experts. In its current form, the PDPA only covers commercial entities and transactions, exempting both the federal and state governments from its rules and principles, including…

Read more