Photo of Kate GrowleyPhoto of Caroline Brown

In this episode, host Kate Growley and Caroline Brown talk about the regulatory risks of violating sanctions and anti-money laundering laws when considering whether to make a payment to ransomware attackers. Those risks extend beyond the victims of the ransomware attack themselves to include ransomware insurance businesses, payment processors, and companies involved in digital forensics and incident response. Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces.

ListenCrowell.com | PodBean | SoundCloud | Apple Podcasts 

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Kate Growley Kate Growley

Businesses around the globe rely on Kate M. Growley to navigate their most challenging digital issues, particularly those involving cybersecurity, artificial intelligence, digital infrastructure, and their intersection with national security. Clients seek her guidance on proactive compliance, incident response, internal and government-facing investigations…

Businesses around the globe rely on Kate M. Growley to navigate their most challenging digital issues, particularly those involving cybersecurity, artificial intelligence, digital infrastructure, and their intersection with national security. Clients seek her guidance on proactive compliance, incident response, internal and government-facing investigations, and policy engagement. With a unique combination of legal, policy, and consulting experience, Kate excels in translating complex technical topics into advice that is practical and informed by risk and business needs.

Kate has extensive experience working with members of the U.S. government contracting community, especially those within the Defense Industrial Base. She has partnered with contractors from every major sector, including technology, manufacturing, health care, and professional services. Kate is an IAPP AI Governance Professional (AIGP) and a Certified Information Privacy Professional for both the U.S. private and government sectors (CIPP/G and CIPP/US). She is also a Registered Practitioner with the U.S. Cybersecurity Maturity Model Certification (CMMC) Cyber Accreditation Body (AB).

Having lived in Greater China for several years, Kate also brings an uncommon understanding of digital and national security requirements from across the Asia Pacific region. She has notable experience with the regulatory environments of Australia, Singapore, Japan, and Greater China—including the growing regulation of data flows between the latter and the United States.

Kate is a partner in the firm’s Washington, D.C., office, as well as a senior director in the firm’s consultancy Crowell Global Advisors, to which she was seconded for several years. She is a founding member of the firm’s Privacy & Cybersecurity Group and part of the firm’s AI Steering Committee. She has been internationally recognized by Chambers and named a “Rising Star” by both Law360 and the American Bar Association (ABA). She has held numerous leadership positions in the ABA’s Public Contract Law and Science & Technology Sections and has been inducted as a lifetime fellow in the American Bar Foundation.

Read more about Kate Growley
Show more Show less
Photo of Caroline Brown Caroline Brown

Caroline E. Brown is a partner in Crowell & Moring’s Washington, D.C. office and a member of the firm’s White Collar & Regulatory Enforcement and International Trade groups and the steering committee of the firm’s National Security Practice. She provides strategic advice to…

Caroline E. Brown is a partner in Crowell & Moring’s Washington, D.C. office and a member of the firm’s White Collar & Regulatory Enforcement and International Trade groups and the steering committee of the firm’s National Security Practice. She provides strategic advice to clients on national security matters, including anti-money laundering (AML) and economic sanctions compliance and enforcement challenges, investigations, and cross border transactions, including review by the Committee on Foreign Investment in the United States (CFIUS) and the Committee on Foreign Investment in the U.S. Telecommunications Services Sector (Team Telecom).

Caroline brings over a decade of experience as a national security attorney at the U.S. Departments of Justice and the Treasury. At the U.S. Department of Justice’s National Security Division, she worked on counterespionage, cybersecurity, and counterterrorism matters and investigations, and gained unique insight into issues surrounding data privacy and cybersecurity. In that role, she also sat on both CFIUS and Team Telecom and made recommendations to DOJ senior leadership regarding whether to mitigate, block, or allow transactions under review by those interagency committees. She also negotiated, drafted, and reviewed mitigation agreements, monitored companies’ compliance with those agreements, and coordinated and supervised investigations of breaches of those agreements.

Read more about Caroline Brown
Show more Show less
Related Posts
From Yellow Jackets to Red Flags: DOJ Stings Georgia Tech for Alleged Cybersecurity Noncompliance
October 15, 2025
For Better or MORSE: Another Settlement Under DOJ’s Civil Cyber-Fraud Initiative
April 10, 2025
Canadian CMMC? Canada Proposes Cyber Compliance Regime for Canadian Defense Suppliers
April 10, 2025