On January 8, 2025, the Department of Justice (DOJ) issued a Final Rule, now referred to as the Data Security Program (DSP), that establishes sweeping new restrictions on access to sensitive personal data and...more
On April 11, 2025, the Department of Justice (DOJ) announced additional guidance regarding the implementation of the Final Rule (the “Rule”), Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and...more
On January 13, 2025, the US Department of Commerce’s Bureau of Industry and Security (BIS) published an Interim Final Rule (IFR) titled “Framework for Artificial Intelligence Diffusion.” The IFR builds on a long series of...more
By now, companies across all industries have become familiar with the lifecycle and stages of a ransomware incident. Generally, once an attack is contained, remediation and rebuilding will follow. Shortly after, the crisis...more
10/14/2024
/ Attorney-Client Privilege ,
Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Incident Response Plans ,
Invasion of Privacy ,
Litigation Strategies ,
Personally Identifiable Information ,
Ransomware ,
Risk Mitigation
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
4/1/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Preservation ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
NPRM ,
Proposed Rules ,
Ransomware ,
Regulatory Agenda
Engaging third-party providers for technology transactions involves a certain level of cybersecurity risk. In fact, most companies have been through a third-party incident. In this episode, partners Justin Herring and Adam...more