We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
The amended rule requires financial institutions to notify the FTC within 30 days of discovery of a security breach involving information of at least 500 consumers. ...more
Back in 2021, the FTC announced substantial changes to the Rule that imposed more detailed and rigorous security requirements for covered financial institutions and was largely based on the New York State Department of...more
There are so many factors that go into breach response. Determining the size of the breach, time limitations, legal requirements, notification needs, urgency for containment, and interrupted business operations are just a...more
The European Data Protection Board (EDPB) held its 77th plenary meeting on 28 March 2023. The EDPB considered the following key topics...more
On March 15, 2023, the U.S. Securities and Exchange Commission (“SEC”) released its proposal to amend Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information (the “Proposed...more
Banking organizations must notify the appropriate agency within 36 hours of certain computer-security incidents; and banking service providers must notify affected banking organizations as soon as possible in the event of an...more
In addition to recently passing a cybersecurity safe harbor law, Connecticut also updated its data breach notification law. Connecticut joins Texas in passing changes to breach notification requirements this year. There are...more
Connecticut has become the third state to enact a cybersecurity safe harbor statute. On June 16 and July 6, 2021, Connecticut Governor Ned Lamont signed two new cybersecurity laws that continue the national trend of...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
On March 5, 2020, Gov. Phil Scott (VT-R) signed into law amendments to the Security Breach Notice Act (the “Act”). The amendments, which originated in the State Senate as part of an initiative addressing a number of data...more
The window for getting up to speed on California Consumer Privacy Act requirements is rapidly closing. The state Attorney General’s final version of the regulations goes into effect on July 1. This article provides a...more
In a June tIPsheet article titled “Privacy Gone Public: How growing push for privacy laws may affect U.S. Businesses,” we gave an update on the California Consumer Privacy Act (CCPA) and some pending amendments that could...more
On February 21, 2019, California Attorney General Xavier Becerra and Assemblymember Marc Levine (D-San Rafael) announced Assembly Bill 1130 which intended to strengthen and expand California’s existing data breach...more
On January 1, 2020, the California Consumer Privacy Act (CCPA), a consumer-friendly privacy law inspired by the European Union’s General Data Protection Regulation, is set to take effect. The CCPA is aimed towards bolstering...more
This version updates the third edition of the Survey that we circulated last year, including new statutes and amendments that have been enacted since August of 2018. This survey focuses on the data breach notification...more
Illinois has updated its breach notice law to require, effective January 1, 2020, notice to the Illinois Attorney General of a data breach involving more than 500 Illinois residents. The law contains specific requirements...more
We routinely recommend to clients that they develop a written information security program (“WISP”), to safeguard sensitive information on a day-to-day basis. In fact, businesses (wherever located) that collect, store or use...more
New York Governor Andrew M. Cuomo signed a bill into law last week that expands New York’s data breach notification law. The Stop Hacks and Improve Electronic Data Security (SHIELD) Act brings the New York data breach...more
On July 25, 2019, New York Governor Andrew Cuomo signed the Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act”), making key changes to New York’s data breach notification and cybersecurity laws....more
Over the past six months, a significant number of states have amended their data breach notification statutes. Specifically, thirteen states have amended their statutes to: (1) require notice to the State Attorney General,...more
A few weeks ago, Texas signed into law an amendment to its data breach law, capping off a busy first half of 2019 for state lawmakers in this arena. As we gear up for the second half of 2019, we thought a recap was...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more