Photo of Kamran Salour

Kamran dedicates his practice to helping clients reduce the likelihood of experiencing a data security incident and minimizing the impact in case of a potential occurrence.

Immediately following a three-day stint at the Summer 2022 Net Diligence conference in Philadelphia, Kamran and Sadia welcome Kroll’s Keith Wojcieszek to the Unauthorized Access podcast. In this episode, the trio discuss common misconceptions about dark web monitoring and instances where dark web monitoring can be quite important.

Don’t forget to tune in to win this month’s prize — Troutman Pepper’s “privacy + cyber” hacker hoodie.

Continue Reading Dark Web Monitoring

Unauthorized Access provides an insightful and interesting recap of the latest developments in cybersecurity. Each month our (mildly funny) hosts, Kamran Salour and Sadia Mirza, will discuss updates on legal developments and industry trends, and share real incident response stories and lessons learned. Kamran and Sadia will also talk with industry experts (e.g., individuals from forensics, insurance, law enforcement, and information security) about the current cyber landscape and where it is headed. The goal for this podcast is to keep you educated and entertained about all things cybersecurity.

If you have a fever for IR – the prescription is Unauthorized Access.

Continue Reading Unauthorized Access: An Inside Look at Incident Response

On March 15, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act (Act). Many outlets reporting on the Act focused on its 72-hour breach notification requirement. But such reports created uncertainty over the Act’s application and requirements, as well as the steps an organization should take in response to the Act.

To help resolve

On April 5, the Securities and Exchange Commission (SEC) announced that two employees improperly accessed adjudicatory materials for cases being litigated in the agency’s in-house court system. The access occurred in 2017, and the SEC stated the breach “did not impact the actions taken by the staff investigating and prosecuting the cases or the commission’s

On February 3, a New York magistrate judge recommended dismissing a class action against medical management company, Professional Business System d/b/a Practicefirst Medical Management Solutions in Tassmer v. Professional Business Systems. Judge Michael J. Roemer recommended dismissal because plaintiffs’ allegations failed to constitute an injury under the Supreme Court’s ruling in TransUnion v. Ramirez

On January 13, Him Das, the acting head of the Financial Crimes Enforcement Network (FinCEN), highlighted ransomware as a chief national security risk. At the Financial Crimes Enforcement Conference, Das suggested that the current anti-money laundering regulations are insufficient to protect against tech-driven threats, from cyberattacks to digital asset schemes. FinCEN therefore is currently

On January 20, President Biden signed a memorandum aimed at improving the cybersecurity of the National Security, Department of Defense, and Intelligence Community Systems (together, the “National Security Systems).

A National Security System (NSS) is an information system used or operated by an agency or on its behalf, the function, operation, or use of which

Kamran Salour (CIPP/US, CIPP/E, and CIPT), an experienced data security attorney, has joined Troutman Pepper’s national Cybersecurity, Information Governance, and Privacy practice in Orange County as a partner. Salour will help grow the firm’s Data Security Incident Response team. He joins the firm from Lewis Brisbois.

“Kamran brings an excellent blend of incident response, compliance,