Ramyar Daneshgar

Expansion of ICTS Supply Chain Regulations by the Department of Commerce

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. The U.S. Department of Commerce has significantly expanded its regulations under the Information and Communications Technology and Services (ICTS) supply chain rules, which are designed

Dark Patterns in Cookie Banners: The Overlooked Compliance Risk Facing U.S. Businesses

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. What Are Dark Patterns in Cookie Banners? Dark patterns are deceptive or manipulative user interface (UI) and user experience (UX) design choices that interfere with a

Case Study: Capital One vs. the Cloud: How One Misstep Triggered $190M in Settlements

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Overview In 2019, Capital One experienced one of the most significant data breaches in U.S. financial sector history. Over 106 million individuals were affected, with

Are Your Cyber Risk Assessments Legally Defensible? Here’s How to Make Sure

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Looking for a security engineer? Visit SecurityEngineer.com Disclaimer: This article is for educational purposes only and does not constitute legal advice. Introduction Most organizations today conduct cyber risk assessments to satisfy frameworks like NIST, ISO, or SOC 2. However,

Case Study: Inside the 23andMe Breach - What Happens When Your Genetic Data Isn’t Private

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary In late 2023, consumer genetics company 23andMe suffered a significant data breach affecting the genetic and personal data of nearly 7 million users. The

The Ownership Dilemma: What U.S. Law Says About AI-Generated Works

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Executive Summary As generative AI becomes more deeply embedded in content creation, questions around intellectual property ownership grow more urgent. Under U.S. law, copyright protection

Case Study: Bank of America Breach - How a Vendor Mishap Exposed Millions of Customers’ Sensitive Data

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. 1. Overview In late December 2024, Bank of America experienced a significant data breach stemming from a third‑party vendor failure. A document destruction contractor, responsible

The Legal Risk of Ignoring Shadow IT: When BYOD Becomes a Breach Vector

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. What Is Shadow IT? Shadow IT refers to the use of IT systems, applications, or devices - often personal ones like smartphones, tablets, or laptops -

Fast Flux: The Hidden Cyber Threat Undermining National Security

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. On April 3, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and

Cybersecurity Risks for Creators: Why YouTubers, TikTokers, and Streamers Are Prime Targets

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Introduction: Why Creators Are Becoming High-Value Targets The rise of the creator economy has enabled millions of individuals to build businesses and communities through content on

The CFAA (Computer Fraud and Abuse Act): Legal Use and Abuse

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. Introduction The Computer Fraud and Abuse Act (CFAA), originally enacted in 1986, was intended as a legislative tool to combat hacking and cybercrime at a time

First 72 Hours After a Breach: A Legal Checklist

By Ramyar Daneshgar Security Engineer | USC Viterbi School of Engineering Disclaimer: This article is for educational purposes only and does not constitute legal advice. The initial 72 hours following the identification of a cybersecurity breach represent a critical window for organizational response. These hours are pivotal not merely from a