Photo of Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chair’s the firm’s Data Privacy and Security Team. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

The Health Sector Cybersecurity Coordination Center (HC3) recently warned the health care sector about the Akira ransomware group that has been hitting health care organizations since May of 2023. In an Analyst Note dated February 7, 2024, HC3 stated that although Akira is a relatively new ransomware group, it has attacked at least 81 organizations

In a joint release last week, the Cybersecurity and Infrastructure Security Agency (CISA) and other federal agencies issued a chilling Advisory about the ongoing attacks by Volt Typhoon on U.S. critical infrastructure. Volt Typhoon is a People’s Republic of China (PRC) sponsored group that uses slow and persistent techniques to gain entry into U.S.-based critical

The Federal Trade Commission (FTC) keeps track of scams that are reported to it and summarizes those scams in a report outlining the most successful scams of the prior year.

Last year’s statistics are disturbing, as many of the same techniques from previous years are still being used successfully by threat actors. Old scams are

Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022. They found that threat actors are using multi-extortion tactics to get paid by victims, including data exfiltration. In addition, there was “a 49% increase in victims reported by ransomware leak sites, with a

The World Health Organization (WHO) recently published “Ethics and Governance of Artificial Intelligence for Health: Guidance on large multi-modal models” (LMMs), which is designed to provide “guidance to assist Member States in mapping the benefits and challenges associated with the use of for health and in developing policies and practices for appropriate development

Most organizations and online platforms use multifactor authentication (MFA) (also called two-factor authentication) to confirm that the user is an authorized individual and not a scammer or fraudster. We have all been trained to use MFA through our workplaces to gain access to our work emails; tech companies offering free email services are suggesting that

I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals struggling with assessing the risk of large language models (LLMs).

According to DarkReading, Berryville Institute of Machine Learning (BIML) recently issued a report entitled “An Architectural

On January 29, 2024, the Italian Data Protection Authority (Garante) notified OpenAI of breaches of data protection laws involving its ChatGPT platform.

In March 2022, Garante temporarily banned OpenAI from processing data. Following its investigation, Garante “concluded that the available evidence pointed to the existence of breaches of the provisions contained in the EU GDPR.”

Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity & Infrastructure Security Agency (CISA) is recommending that the patches be applied because “a cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.”

The updates to the Thunderbird product are designed