We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
The Corporate Transparency Act (CTA), a law intended to enable the Financial Crimes Enforcement Network (FinCEN) to detect shell companies and protect the U.S. financial system from abuse by money launderers, drug...more
Texas recently amended its breach notification statute to shorten the time businesses have to notify the state Attorney General after a data breach affecting 250 or more Texas residents. As of September 1, businesses must...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) voted to approve final rules governing cybersecurity disclosures of public companies (“Final Rules”). The Final Rules make meaningful changes to the current and...more
Depuis le 22 septembre 2022, les entités du secteur privé exerçant des activités au Québec doivent aviser, avec diligence, la Commission d’accès à l’information (la « CAI ») de toute atteinte à la vie privée (soit un «...more
As of September 22, 2022, private-sector entities carrying on business in Quebec are required to notify Quebec’s Commission d’acces a l’information (CAI) and affected individuals of a privacy breach (referred to as a...more
The Indian Computer Emergency Response Team (“CERT-In”) issued Directions on April 28, 2022 “to strengthen the cybersecurity in the country” and that has significant implications for the cybersecurity landscape. Effective...more
The charitable organization sector faces many compliance challenges, including: - unique tax exemption issues - fundraising registration and related issues - privacy and data security - complex reporting...more
In June 2019, U.S. Customs and Border Protection (“CBP”) suspended a government contractor, Perceptics, LLC, after it suffered a highly publicized cyberattack that resulted in a breach of sensitive data collected from...more
To mark the one-year anniversary of mandatory breach reporting under the Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner of Canada (OPC) published a blog post...more
It’s hard to keep up with all the recent changes to labor and employment law. While the law always seems to evolve at a rapid pace, there have been an unprecedented number of changes for the past few years—and this past month...more
On April 18, 2018, the Canadian government published final regulations which include mandatory privacy breach notification, reporting and record-keeping obligations under Canada’s federal data protection law called the...more
The Government of Canada has announced that its proposed data breach notification requirements pursuant to the Digital Privacy Act (the “Act”) will take effect on November 1, 2018. The Act amends Canada’s Personal...more
As of early December 2014, 1,170 security breaches under the Health Insurance Portability and Accountability Act (HIPAA) involving 31 million records had been reported to the U.S. Department of Health and Human Services (HHS)...more
Data breaches may be nothing new, but they are certainly evolving into bigger and more notorious infractions. While the data breaches of yesterday may have involved accidental disclosure or disgruntled former employees, the...more