2024 was a pivotal year in the regulation of data practices, with increased scrutiny of artificial intelligence (AI), data brokers, and the ecosystem of commercial data, and the continued proliferation of comprehensive United...more
2/13/2025
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
State Privacy Laws
It is no secret that ransomware dominates headlines, and cybersecurity incidents have become part of our everyday language. However, the criminal “business model” behind ransomware keeps evolving.
Originally published in...more
1/23/2025
/ Business Continuity Plans ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Protection ,
Federal Trade Commission (FTC) ,
Forensic Accounting ,
Incident Response Plans ,
Ransomware ,
Risk Management ,
Third-Party Risk ,
Third-Party Service Provider
By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more
10/21/2024
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Form 8-K ,
Incident Response Plans ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
Using AI in HR - Hire or Hover? Hiring executives are asking if the compliance costs and discrimination risks outweigh the anticipated benefits of using artificial intelligence (AI) tools for hiring and employment-related...more
9/18/2024
/ Algorithms ,
Americans with Disabilities Act (ADA) ,
Artificial Intelligence ,
Civil Rights Act ,
Corporate Counsel ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Employment Discrimination ,
Hiring & Firing ,
Human Resources Professionals ,
Machine Learning ,
Title VII
I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more
9/11/2024
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Protection ,
Disclosure Requirements ,
Incident Response Plans ,
Publicly-Traded Companies ,
Ransomware ,
Reporting Requirements ,
Reputational Injury ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
Each of the 50 states has its own definition of what constitutes a reportable data breach. For some, it requires “unauthorized access” to personal information. For others, it requires “unauthorized acquisition.” And then,...more
7/25/2024
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Theft ,
Identity Theft ,
Personal Data ,
Personally Identifiable Information ,
Unauthorized Access
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
On June 24, the staff of the U.S. Securities and Exchange Commission's (SEC) Division of Corporation Finance (Division of Corporation Finance) released five new Compliance & Disclosure Interpretations (C&DIs) relating to the...more
7/17/2024
/ C&DIs ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Enforcement Actions ,
Ransomware ,
Regulation FD ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Securities Violations
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
In the latest episode of Unauthorized Access, host Sadia Mirza welcomes Kaitlin Clemens, the newest member of Troutman Pepper's Incidents + Investigations team. Kaitlin shares her journey into incident response and...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
On Tuesday, Texas Attorney General (AG) Ken Paxton announced the creation of a team dedicated solely to the prosecution and enforcement of Texas’ privacy laws. The team will focus on handling cases under at least seven...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
Unauthorized Access, our privacy and cybersecurity-focused podcast, spotlights the human side of the cybersecurity industry. In this episode, Sadia welcomes Sherri Davidoff, CEO of LMG Security, to discuss the challenges and...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
2/19/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Investigations ,
NIST ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Oversight ,
Regulatory Reform ,
Regulatory Requirements ,
Settlement
Unauthorized Access, Troutman Pepper's privacy and cybersecurity-focused podcast, spotlights the human aspect of the cybersecurity industry, introducing you to the remarkable personalities that make the industry amazing....more
Unauthorized Access, Troutman Pepper's privacy and cybersecurity-focused podcast, spotlights the human aspect of the cybersecurity industry, introducing you to the remarkable personalities that make the industry amazing. In...more
It is indeed a tangled regulatory web woven to potentially trap an organization in the wake of a data incident. Navigating this web can involve significant resources, time, and stress. As we discussed in part two of this...more
12/13/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Oversight ,
State Attorneys General
It’s official! The Unauthorized Access podcast has returned, now with a slightly different spin. Our monthly podcast will spotlight the human aspect of cybersecurity, bringing you closer to the remarkable personalities...more