We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
On January 13, 2025, the Securities and Exchange Commission (“SEC”) filed a settled enforcement action against Ashford Inc. (“Ashford” or “the Company”), a company that provides products and services to the real estate and...more
After hearing argument earlier this month in a widely followed securities law case concerning risk-factor disclosures of public companies, the U.S. Supreme Court last week decided it should not have agreed to hear the case...more
On October 22, 2024, the SEC charged two current reporting companies, Unisys Corp. and Check Point Software Technologies, and two former public companies, Mimecast Limited and Avaya Holdings Corp., with making materially...more
On October 22, 2024, the SEC announced that it had entered into settlements with four separate companies for making allegedly misleading disclosures about how they were impacted by the SolarWinds data breach in 2019. The...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) voted to approve final rules governing cybersecurity disclosures of public companies (“Final Rules”). The Final Rules make meaningful changes to the current and...more
The Federal Trade Commission (FTC) recently issued a blog post stating that a failure to disclose a data breach may be a violation of Section 5 of the FTC Act. The May 20 blog post, titled Security Beyond Prevention: The...more
It’s déjà vu all over again! On Monday, the SEC announced settled charges against Pearson plc, an NYSE-listed, educational publishing and services company based in London, for failure to disclose a cybersecurity breach. You...more
The charitable organization sector faces many compliance challenges, including: - unique tax exemption issues - fundraising registration and related issues - privacy and data security - complex reporting...more
On August 20, 2020, former Uber Chief Security Officer Joe Sullivan was charged with obstruction of justice and misprision of a felony for knowingly concealing a hack of Uber in 2016. Based on Sullivan’s complaint,...more
In a recent decision, a Virginia federal magistrate judge held that the attorney work product doctrine did not protect from discovery a forensic investigation report created for Capital One in the wake of a 2019 data breach....more
One thing I appreciate about the SEC comment letter process is that it gives real life examples to what is often discussed hypothetically. Take, for example, cybersecurity and steps management should take when a data incident...more
It’s January 2020. Thousands of businesses just completed the mad dash to meet the California Consumer Privacy Act’s (CCPA) requirements. Unfortunately, now is not the time to take a breather if you have employees in...more
As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation...more
Despite focused media coverage and a steady increase in the number of data breaches involving public companies, there has not been a corresponding increase in shareholder securities fraud and shareholder derivative claims...more
On February 21, 2018, the Securities and Exchange Commission (the “SEC”) issued interpretative guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents.1 The guidance refreshes...more
On February 21, 2018, the U.S. Securities and Exchange Commission (SEC) issued updates to its interpretive guidance on how public companies should disclose cybersecurity breaches and risks. There are two core messages at...more
On September 7, 2017, Equifax, one of the country’s three primary credit reporting bureaus, announced it had suffered a major cybersecurity breach that could potentially affect half of the U.S. population. According to the...more
The European Commission's proposed e-privacy regulation sets forth obligations on handling electronic communications and clarifies obligations for seeking consent for the use of cookies. Meant to bring the e-privacy directive...more
The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more