This week on Cyber Matters, host Tanner Wilburn and guests Katherine Kennelly and Zach Smith cover a wide range of cybersecurity, privacy, and technology law topics. They begin with a discussion of AT&T's massive data breach disclosure, highlighting the company's use of SEC guidance on cybersecurity incident reporting and the involvement of the Department of Justice in delaying public disclosure.

The hosts then explore the ongoing fallout from the MOVEit breach one year later, using it as a case study to anticipate potential consequences for Snowflake's recent data breach. They discuss the legal and financial implications for Progress Software, the company behind MOVEit.

CISA Director Jen Easterly's recent comments on ransomware payments are examined, along with the broader debate on whether to ban such payments. The hosts also delve into CISA's proposed Cyber Incident Reporting for Critical Infrastructure Act regulations and industry reactions.

In regulatory news, they cover the 6th Circuit's stay on the FCC's net neutrality rules and provide historical context for the ongoing debate over internet regulation. The podcast touches on several Big Tech stories, including OpenAI's "Strawberry" project, Microsoft's board seat changes at OpenAI, and Apple's antitrust maneuvers in the EU.

The hosts discuss Meta's relaxation of restrictions on former President Trump's social media accounts and the potential implications of the Supreme Court's SEC v. Jarkesy decision on Meta's dispute with the FTC. They also cover the official publication of the EU AI Act and its significance for businesses operating in Europe.

National security topics include expanded U.S. Treasury reviews of foreign real estate purchases near military bases, Microsoft's potential investment in UAE's G42 AI firm, and updates on TikTok-related legislation. The hosts also discuss a new software supply chain security bill and Germany's decision to phase out Huawei and ZTE components in 5G infrastructure.

The episode concludes with updates on Pennsylvania's amended data breach notification law and a local ransomware attack affecting Monroe County, Indiana.

LinkedIn Page:

https://www.linkedin.com/company/cyber-matters-podcast

Ransomware Resources:

https://www.lawfaremedia.org/article/ofac-the-ransomware-gangs#:~:text=In%20a%20nutshell%2C%20OFAC%20can,in%20other%20words%2C%20ransomware%20gangs.

https://securityandtechnology.org/virtual-library/memo/roadmap-to-potential-prohibition-of-ransomware-payments/