Photo of Sadia Mirza

Sadia dedicates her practice to counseling clients on cutting-edge privacy and cybersecurity issues. Clients turn to her for pre-incident response planning and preparedness, and also call her when the first sign of a security incident/data breach appears. Given her years of experience coaching clients through security incidents, Sadia is heavily involved with data breach regulatory and litigation matters, which gives her a 360-view and understanding of the issues most important and relevant to her clients.

In this episode of Unauthorized Access, Kamran and Sadia welcome their firm colleague, Privacy + Cyber Partner and Team Leader Ron Raether, in a discussion on consumer breach notices — specifically from Ron’s perspective as a litigator — and how plaintiff’s counsel can interpret these notices.

For more than 20 years, Ron has advised

Can cyber investigations be canned? Find out what Sadia, Kamran, and this month’s guest, Shawn Tuma of Spencer Fane, have to say. The gloves come off as these three breach coaches duke it out for the final word on this topic. Just kidding, we cordially discuss our thoughts and opinions on the subject and discover

Your business was hit with a ransomware attack over the weekend, and the critical systems are locked up (i.e., encrypted). To unlock those valuable systems and continue operating the business, the threat actor demands financial payment. After much debate, you and your team decide the business needs to meet the threat actor’s demands

Exemption Extensions Failed. On August 31, California’s legislature ended its 2022 session without adopting legislation to extend the California Consumer Privacy Act (CCPA) employee and business-to-business (B2B) personal information exemptions. In the absence of a special legislative session, these exemptions will expire on January 1, 2023.

History of the Exemptions. Under the current exemptions, covered

In this episode of Unauthorized Access, Kamran and Sadia welcome Tony Kirtley of Secureworks. Tony discusses the emotional response to a ransomware attack, particularly how the emotional response mirrors the Kübler-Ross five stages of grief. Tony also shares how the sooner organizations reach the fifth stage of “acceptance” — the sooner they can make

Immediately following a three-day stint at the Summer 2022 Net Diligence conference in Philadelphia, Kamran and Sadia welcome Kroll’s Keith Wojcieszek to the Unauthorized Access podcast. In this episode, the trio discuss common misconceptions about dark web monitoring and instances where dark web monitoring can be quite important.

Don’t forget to tune in to win this month’s prize — Troutman Pepper’s “privacy + cyber” hacker hoodie.

Unauthorized Access provides an insightful and interesting recap of the latest developments in cybersecurity. Each month our (mildly funny) hosts, Kamran Salour and Sadia Mirza, will discuss updates on legal developments and industry trends, and share real incident response stories and lessons learned. Kamran and Sadia will also talk with industry experts (e.g., individuals from forensics, insurance, law enforcement, and information security) about the current cyber landscape and where it is headed. The goal for this podcast is to keep you educated and entertained about all things cybersecurity.

If you have a fever for IR – the prescription is Unauthorized Access.

On April 28, the Connecticut House passed Senate Bill 6, an act concerning personal data privacy and online monitoring (SB 6 or Connecticut Act). The Senate unanimously passed SB 6 on April 20, and is now currently under consideration by Governor Ned Lamont. If the bill becomes law, it will go into effect on

On March 24, Governor Spencer J. Cox signed the Utah Consumer Privacy Act (UCPA), making Utah the fourth state in the country to adopt a comprehensive privacy law. The UCPA is set to take effect on December 31, 2023, and this law’s substantive requirements closely mirror the Virginia Consumer Data Protection Act (VCDPA). The UCPA