Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
On June 30, 2025, Governor Mike DeWine signed into law (HB 96), a cybersecurity mandate that applies to all political subdivisions in Ohio—including counties, municipalities, townships, and school districts. ...more
In an era when data is everything, everywhere, all at once and computation has almost no limit, ensuring privacy while leveraging data analytics is paramount. The US Department of Commerce’s National Institute of Standards...more
The National Security Agency’s Artificial Intelligence, Security Center (AISC), together with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Signals...more
Encryption is one of several cornerstones of a robust information security program. Articles on quantum computing often include the compelling narrative that encryption is at risk, but as with any revolutionary technology,...more
On April 14, 2025, the National Institute of Standards and Technology (NIST) released a draft update to the NIST Privacy Framework 1.1. The updates are meant to enhance organizations’ data governance and risk management and...more
Quantum computing (QC) is poised to disrupt cybersecurity in ways that business leaders and legal professionals cannot afford to ignore. But what exactly is quantum computing, why does it pose such a significant threat to...more
The integration of artificial intelligence (AI) tools in healthcare is revolutionizing the industry, bringing efficiencies to the practice of medicine and benefits to patients. However, the negotiation of third-party AI tools...more
Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more
Virginia has become the first state in 2025 to pass comprehensive artificial intelligence regulation, with lawmakers approving the "High-Risk Artificial Intelligence Developer and Deployer Act" (HB 2094). The legislation,...more
Accountability is a pervasive AI principle. But how to put it into practice? Accountability is a pervasive AI principle. But how to put it into practice? If you’re reading this note, you likely already know three things:...more
The FAR Council issued a proposed rule that would amend the several FAR provisions and add new clauses to provide guidance on the safe handling of CUI. Public comments on the proposed rule are being accepted until March 17,...more
On November 22, 2024, Engineers and Geoscientists British Columbia (EGBC) released Use of Artificial Intelligence (AI) in Professional Practice, a practice advisory for EGBC registrants that provides guidelines on the use of...more
The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more
This year’s Data Privacy Week theme is “take control of your data.” That can be really challenging to do. Data is collected from everywhere—whether online or offline—and can be stored and used indefinitely (even if the...more
On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
In light of recent cyberattacks targeting the federal government and United States supply chains, President Biden’s administration has released an Executive Order (the “Order”) in an attempt to modernize and enhance the...more
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more
As artificial intelligence (AI) continues to advance rapidly, organizations of all types are seeking to deploy this powerful tool to increase the effectiveness and efficiency of their operations, improve service to their...more
Earlier this year, the National Institute of Standards and Technology (NIST) issued an update to its Cybersecurity Framework (CSF) with the release of version 2.0, the first update since April 2018 (version 1.1). While the...more
In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws. The National Institute of Standards and Technology (“NIST”)...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
In January 2024, Virginia Governor Glenn Youngkin announced and signed Executive Order 30 on Artificial Intelligence (EO 30), establishing “important safety standards to ensure the responsible, ethical, and transparent use of...more