We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
In a significant turn of events on July 2, 2025, the SEC, SolarWinds Corp. and its Chief Information Security Officer (CISO), Timothy Brown, announced through a joint letter to the U.S. District Court for the Southern...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
Cybersecurity risk applies to businesses of all sizes and across all industries – it is a risk that cannot be ignored. In particular, cybersecurity risk can no longer be ignored in the deal lifecycle...more
A California federal court recently held that all governance token holders were responsible for any losses suffered in a security incident. Specifically, the court, in denying a motion to dismiss, ruled in part in favor of a...more
Cyber risks are increasing, and as a result, due diligence inquiries and valuations are increasingly focusing on the cybersecurity and privacy risks inherent in a business’s collection, use, retention and disposal of data. ...more
22 Global dealmaking had a historic year in 2021 and is expected to continue its hot streak into 2022. Global M&A volume for 2021 hit $5.8 trillion, up 64% from the previous year, with over 60,000+ deals. Beyond the...more
On February 9, the Securities and Exchange Commission (“SEC”) voted to propose rule 206(4)-9 under the Advisers Act and 38a-2 under the Investment Company Act (collectively, “Proposed Rule”). In general, the Proposed Rule...more
The SEC recently announced a settlement with Pearson plc where the company has agreed to pay $1 million to settle charges that it misled investors about a 2018 cyber incident. According to the order, Pearson made misleading...more
On April 7, 2020, the staff of the Office of Compliance Inspections and Examinations (OCIE) issued a risk alert (Alert) informing investment advisory firms of the potential areas of focus for Form CRS-related examinations. In...more
Editors’ Note: This is the first in our start-of-year series examining important trends in white collar law and investigations in the coming year. Up next: a look at trends in health care enforcement. Look for additional...more
In this month's edition, we examine a judge's ruling allowing an investor suit against Equifax, the dismissal of a class action against the insurer CareFirst and President Donald Trump's launch of a federal artificial...more
In the aftermath of Equifax’s data breach, a federal court recently found that allegations of poor cybersecurity coupled with misleading statements supported a proper cause of action. In its decision, the U.S. District Court...more
Start-up companies know that, when potential investors kick the tires, they will look carefully at the company’s business model and IP portfolio. These days, investors are also likely to look at whether the company is in...more
Fund and Investment Management January 2019 (No. 1) REGULATORY UPDATES Policy Initiatives Set Forth by the U.S. Securities and Exchange Commission’s (“SEC”) Investment Management Division On September 28, 2018, Division of...more
On October 16, 2018, the SEC released an Investigative Report detailing recent email spoofing schemes that caused nine public companies to lose a total of nearly $100 million. Building on its February 2018 guidance about the...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
Dear clients and friends, For this edition of the Corporate Communicator, we summarize key considerations of an interpretative release from the SEC about the SEC’s views on companies’ disclosure obligations relating to...more
The Securities Enforcement Forum West 2018 brought together current and former senior U.S. Securities and Exchange Commission and U.S. Department of Justice officials, securities enforcement and white-collar attorneys,...more
On April 24, 2018, the Securities Exchange Commission (SEC) announced a $35 million fine against the company formerly known as Yahoo! Inc. (now known as Altaba, Inc.) for failing to disclose a massive cyber data breach to its...more
The next in our series of posts sharing key takeaways from panels at the Healthcare & Life Sciences Private Equity and Lending Conference focuses on data privacy and security. As data privacy and security risks...more
The new European General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) will take effect on 25 May 2018. The GDPR expands and clarifies the EU’s existing personal data protection framework. Investment managers...more
On February 21, the Securities and Exchange Commission issued new Interpretive Guidance regarding disclosures of cybersecurity-related information by publicly traded companies. This guidance comes in the context of public...more
• Disclosures must inform investors about material cybersecurity risks and incidents, including addressing material cybersecurity risks for cyber-attacks that have not yet occurred. • Comprehensive policies and procedures...more
On Feb. 21, 2018, the Securities and Exchange Commission (SEC) issued interpretive guidance on its expectations for corporate disclosures on cybersecurity risks. The guidance delineates where it believes existing SEC rules...more
• The U.S. Securities and Exchange Commission (SEC) released, on Feb. 21, 2018, updated guidance regarding public company cybersecurity disclosures. The guidance updates the Commission's 2011 non-binding guidance and...more