The United States Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have issued an...more
6/9/2025
/ Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Security ,
FBI ,
Government Agencies ,
Incident Response Plans ,
New Guidance ,
NIST ,
Passwords ,
Ransomware ,
Risk Management
The rise of artificial intelligence has brought both opportunities and challenges to the workplace. However, a growing trend of employees using free or unauthorized AI tools poses significant risks, from security breaches to...more
5/15/2025
/ Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Employee Training ,
Employees ,
Employer Liability Issues ,
Employment Policies ,
Intellectual Property Protection ,
National Security ,
Popular ,
Risk Factors ,
Risk Management ,
Technology ,
Trade Secrets
State and local governments: Do your websites and mobile apps meet accessibility standards?
The compliance dates for DOJ’s digital accessibility requirements are coming soon!
Title II of the Americans with Disabilities Act...more
1. Know What Laws Apply to your Organization
It’s not surprising many leaders are unsure about which new laws or regulations apply to their organization. Privacy and security laws, particularly in the U.S., have changed...more
Know What Laws Apply -
Privacy and security laws, particularly in the U.S., have changed dramatically in the last few years. It’s not surprising many leaders are unsure which new laws or updated regulations apply to their...more
3/3/2025
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Gramm-Leach-Blilely Act ,
Multi-Factor Authentication ,
Oregon ,
Personal Data ,
Personal Information ,
Popular ,
Privacy Laws ,
Risk Management ,
State Privacy Laws
Give Thanks -
Cybersecurity and IT leaders are vital to every organization’s success. But they might also be burning out now, when you need them more than ever. 93% of security leaders say they’ve considered quitting their...more
On December 16, the U.S. Department of Defense’s Cybersecurity Maturity Model Certification Program (CMMC) final rule (the “CMMC Program Rule”) will become effective, to codify the CMMC requirements and assessment processes....more
11/19/2024
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
False Claims Act (FCA) ,
Federal Contractors ,
Final Rules ,
New Rules ,
NIST ,
Regulatory Agenda ,
Regulatory Requirements ,
Third Party Assessment Organization (3PAO)
This summer, the Supreme Court ended its term shortly after issuing game-changing rulings that modify the authority of federal agencies. Given the result of restraining agencies such as the FTC and FCC from interpreting and...more
8/7/2024
/ Administrative Authority ,
Administrative Procedure Act ,
Administrative Proceedings ,
Artificial Intelligence ,
Chevron Deference ,
Corporate Counsel ,
FCC ,
Federal Trade Commission (FTC) ,
Government Agencies ,
Judicial Authority ,
Jury Trial ,
Loper Bright Enterprises v Raimondo ,
Regulatory Authority ,
SCOTUS ,
SEC v Jarkesy ,
Securities and Exchange Commission (SEC) ,
Seventh Amendment ,
Statutory Authority ,
Statutory Interpretation
Since 2011, I’ve attended the International Association of Privacy Professionals’ Global Privacy Summit in Washington, D.C. Each year one session gets everyone talking; this year the honor went to “Direct Insights from U.S....more
4/9/2024
/ Algorithms ,
Biometric Information ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Electric Vehicles ,
Enforcement ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Personal Information ,
Privacy Laws ,
Regulatory Oversight ,
State and Local Government ,
State Privacy Laws ,
Technology Sector
The key provisions of the Oregon Consumer Privacy Act (the OCPA) will take effect on July 1, 2024. The OCPA provides Oregonians with a number of important privacy rights with regard to their data, and sets forth specific...more
3/21/2024
/ Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Legislative Agendas ,
New Legislation ,
Oregon ,
Personal Data ,
Privacy Acts ,
Privacy Laws ,
Privacy Policy ,
Regulatory Requirements ,
State and Local Government ,
State Legislatures ,
State Privacy Laws
The Washington My Health My Data Act was passed in April 2023 to expand privacy protections for personal health data. Thus far, only the Act’s geofencing requirements have been enforceable. On March 31, 2024, the Act’s...more
On Friday, February 9, California’s Third District Court of Appeal held that regulations of the California Consumer Privacy Act, as amended, pertaining to key areas of the law are now enforceable. The regulations had been...more
The past year will be regarded as a pivotal year for advances in artificial intelligence (AI). As the year comes to an end, lawmakers are hurrying to establish rules for the rapidly evolving technology, hoping to stimulate...more
1/8/2024
/ Artificial Intelligence ,
California ,
Canada ,
EU ,
Legislative Agendas ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
On July 1, 2024, Florida’s Digital Bill of Rights, Oregon’s Consumer Privacy Act, and the Texas Data Privacy and Security Act will take effect. And on October 1, 2024, Montana’s Consumer Data Privacy Act will become law. ...more
The year 2023 will be regarded as a pivotal year for advances in AI. As the year comes to an end, lawmakers are hurrying to establish rules for the evolving technology, and hoping to stimulate AI’s promise of innovation, and...more
12/15/2023
/ Artificial Intelligence ,
California ,
Canada ,
EU ,
Innovative Technology ,
Intellectual Property Protection ,
Legislative Agendas ,
Machine Learning ,
New Legislation ,
Popular ,
Regulatory Agenda ,
Risk Management