Photo of Colin Jennings

Colin Jennings

olin R. Jennings has been selected as primary outside counsel for global compliance work by more than 35 public and privately held global companies, and regularly provides guidance and counseling in connection with these companies’ ongoing compliance efforts for both their domestic and international operations, including, when necessary, investigation and defense of compliance-related concerns.

View full website bio.

On March 21, 2022, President Biden warned U.S. companies, particularly those operating in critical infrastructure sectors, that “[b]ased upon evolving intelligence, Russia may be planning a cyberattack against us.”  See details here.  The evolving intelligence appears to be based upon, among other things, a March 18th advisory from the FBI to U.S.

On March 21, 2022, President Biden publicly recognized that, while his Administration is prioritizing modernizing the federal government’s cybersecurity practices, it is the patriotic obligation of the private sector to invest as much as it can in preparing for cyberattacks.

Over the course of the past month, media images of the war in Ukraine show

Background

President Biden has recently delivered on a long stated priority of his presidency: requiring the disclosure of cyber security incidents for companies that operate critical infrastructure. After announcing an executive order in May 2021 aimed at modernizing the federal government’s cybersecurity practices, the same sweeping changes will now effect private companies that operate critical

Just in time for the holiday season, and at a time when cybercriminals are generally most active, industry experts discovered a critical vulnerability in a software commonly used by companies. The software, Apache Log4j, is a popular Java library for logging in applications. The vulnerability enables a remote attacker to take control of a device,

Good morning, all.  The Consumer Privacy World team is out there again sharing wise advice on how to handle a cyber breach.  This time, the team discusses organizational risk of a data breach, and how companies can learn something from Uber’s recent data privacy missteps that ended in a criminal complaint.  In “Executive Responsibilities

As has been widely reported, a magistrate judge in the Eastern District of Virginia recently ordered Capital One to produce a forensic report prepared by the cybersecurity firm Mandiant, holding that the report was not protected as attorney work product despite having been prepared at the direction of outside counsel.  On June 9, 2020, Capital

Public service is a public trust

Hooded HackerIn March, 2020, a smaller municipality of approximately 145,000 people fell victim to a sophisticated ransomware attack.  When city officials issued statements to the public that personal information was not compromised, the cybercriminals retaliated.  The bad actors flooded the internet and dark web with personal information