Photo of Kamran Salour

Unauthorized Access provides an insightful and interesting recap of the latest developments in cybersecurity. Each month our (mildly funny) hosts, Kamran Salour and Sadia Mirza, will discuss updates on legal developments and industry trends, and share real incident response stories and lessons learned. Kamran and Sadia will also talk with industry experts (e.g., individuals from forensics, insurance, law enforcement, and information security) about the current cyber landscape and where it is headed. The goal for this podcast is to keep you educated and entertained about all things cybersecurity.

If you have a fever for IR – the prescription is Unauthorized Access.

On March 15, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act (Act). Many outlets reporting on the Act focused on its 72-hour breach notification requirement. But such reports created uncertainty over the Act’s application and requirements, as well as the steps an organization should take in response to the Act.

To help resolve

On April 5, the Securities and Exchange Commission (SEC) announced that two employees improperly accessed adjudicatory materials for cases being litigated in the agency’s in-house court system. The access occurred in 2017, and the SEC stated the breach “did not impact the actions taken by the staff investigating and prosecuting the cases or the commission’s

On February 3, a New York magistrate judge recommended dismissing a class action against medical management company, Professional Business System d/b/a Practicefirst Medical Management Solutions in Tassmer v. Professional Business Systems. Judge Michael J. Roemer recommended dismissal because plaintiffs’ allegations failed to constitute an injury under the Supreme Court’s ruling in TransUnion v. Ramirez

On January 13, Him Das, the acting head of the Financial Crimes Enforcement Network (FinCEN), highlighted ransomware as a chief national security risk. At the Financial Crimes Enforcement Conference, Das suggested that the current anti-money laundering regulations are insufficient to protect against tech-driven threats, from cyberattacks to digital asset schemes. FinCEN therefore is currently

On January 20, President Biden signed a memorandum aimed at improving the cybersecurity of the National Security, Department of Defense, and Intelligence Community Systems (together, the “National Security Systems).

A National Security System (NSS) is an information system used or operated by an agency or on its behalf, the function, operation, or use of which

Kamran Salour (CIPP/US, CIPP/E, and CIPT), an experienced data security attorney, has joined Troutman Pepper’s national Cybersecurity, Information Governance, and Privacy practice in Orange County as a partner. Salour will help grow the firm’s Data Security Incident Response team. He joins the firm from Lewis Brisbois.

“Kamran brings an excellent blend of incident response, compliance,