Amid intense focus on AI and a flurry of consumer privacy law updates, legislative activity has continued to change data breach notification requirements in a variety of ways. Similar to 2023, a handful of changes to...more
9/30/2024
/ Artificial Intelligence ,
Breach Notification Rule ,
Consumer Privacy Rights ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
FCC ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Popular ,
Regulation S-P ,
Regulatory Requirements ,
Safeguards Rule ,
Securities and Exchange Commission (SEC) ,
State and Local Government ,
State Data Breach Notification Statutes
On February 1, 2024, the Federal Trade Commission (FTC) announced a complaint and proposed consent order against Blackbaud, Inc. concerning a 2020 data security incident that included a ransomware demand and payment....more
A flurry of legislative activity over the past year has brought meaningful changes to a variety of privacy and security provisions in state and federal law. At the state level, as in 2022, we have seen a handful of changes to...more
10/10/2023
/ Corporate Counsel ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Data Security ,
FCC ,
Federal Breach Notification Standard ,
Federal Trade Commission (FTC) ,
Notification Requirements ,
Proposed Legislation ,
Regulatory Reform ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
State Data Breach Notification Statutes
The Board of the California Privacy Protection Agency (the CPPA) held its first meeting since July on Friday, September 8, 2023, and discussed the first public draft of cybersecurity audit regulations and risk assessment...more
9/27/2023
/ Audits ,
Automated Decision Systems (ADS) ,
California ,
California Privacy Protection Agency (CPPA) ,
California Privacy Rights Act (CPRA) ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Assessment
Following the release of President Biden’s National Cybersecurity Strategy, Acting National Cyber Director Kemba Walden explained that the Biden Administration is “expecting more” from owners and operators in critical...more
3/24/2023
/ Aviation Industry ,
Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Environmental Protection Agency (EPA) ,
Government Entities ,
NIST ,
Private Sector ,
Risk Assessment ,
Risk Management ,
Technology ,
TSA ,
Water
Background Critical infrastructure providers confront unique cyber threats. The use of operational technology (OT) introduces risks that arise from, for example, legacy equipment that cannot readily be patched, updated, or...more
2/10/2023
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Federal Railroad Administration ,
Mitigation ,
Owner-Operators ,
Popular ,
Railways ,
Regulatory Authority ,
Regulatory Requirements ,
TSA