By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary The Cybersecurity Information Sharing Act (CISA), originally enacted in 2015, has served as the legal foundation for cybersecurity cooperation between the private sector and
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary In September 2025, a federal jury in San Francisco ordered Google to pay $425 million in damages for violating user privacy. The class action,
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Introduction In September 2025, the Foundation for Defense of Democracies (FDD) revealed a coordinated, China-linked operation that masqueraded as a group of consulting firms to lure
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Introduction In July 2025, the California Attorney General filed a complaint against Healthline Media, LLC for violating the California Consumer Privacy Act (CCPA) and the Unfair
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. In August 2025, Otter.ai, the artificial intelligence transcription company, became the target of a major class action lawsuit filed in the United States District Court
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary In cloud-native environments, a single exposed port on a virtual machine or container can trigger major regulatory consequences. What appears to be a routine
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary Protocols like Telnet, FTP, and POP3 are still present across many enterprise environments - including cloud-based vendors, managed service providers, and healthcare organizations. These
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Introduction Legacy communication protocols like File Transfer Protocol (FTP) and Post Office Protocol v3 (POP3) are still widely used across small and mid-sized businesses (SMBs). What
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary As U.S. state privacy laws mature, small and midsize businesses (SMBs) are facing increasing exposure to statutory fines of $100–$750 per user,
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary As of 2025, public companies face an evolved threat landscape: not just from cyber attackers, but from regulators and shareholders. The Securities and Exchange
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary Design firms today operate at the intersection of creativity and compliance. As projects span continents, architectural practices must navigate a complex regulatory terrain -
By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary Business Email Compromise (BEC) is among the most financially damaging cybercrimes globally, exploiting weak email configurations, lack of domain authentication, and poor user training.