Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Why Privacy Matters to Your Business and What's in Store for 2025
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On July 20, 2025, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) issued urgent warnings about new, actively exploited vulnerabilities in Microsoft SharePoint Server. These vulnerabilities, known as...more
The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more
Credential-based threats—such as password sprays, token reuse, and low-complexity sign-in attempts—remain a constant operational burden. While these activities are easily detected in most environments, the workflows to fully...more
Businesses should be aware of growing security risks from North Korean IT workers targeting freelance contracts from businesses in the U.S. and other countries. Typically, these workers fraudulently claim they are from the US...more
As cyber threats become increasingly sophisticated, traditional security models that rely on perimeter defenses are no longer sufficient. Zero Trust Architecture (ZTA) offers a modern approach to security that assumes no user...more
Tool sprawl is paralyzing enterprise security teams. Learn how to shift from fragile, over-engineered stacks to agile security architectures that accelerate progress....more
The construction industry’s reliance on digital data and devices has reshaped the construction process. When used properly, digital technology facilitates collaboration and increases productivity. However, growing dependence...more
According to a new LayerX report, most users are logging into GenAI tools through personal accounts that are not supported or tracked by an organization’s single sign on policy. These logins to AI SaaS applications are...more
On February 21, 2025, Bybit, one of the world’s largest cryptocurrency exchanges, suffered a cyberattack resulting in the theft of approximately $1.5 billion in Ethereum tokens. This attack marked a new pinnacle in the...more
Within its first few days, the new administration revoked the 2023 Executive Order on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (the “Old AI Executive Order”) – which had been intended to...more
Everyone seems to be talking about DeepSeek, and its latest AI technologies. But what is DeepSeek? What has it produced? And why is everyone talking about them? This client update is intended to provide some of the basic...more
When evaluating AI risks, legal, ethics and compliance professionals need to divide the question into two — first, what are risks from legal, ethics and compliance internal use of AI? and second, what are business risks from...more
The United Kingdom’s National Cyber Security Centre (NCSC) has released its Annual Review for 2024. As in prior years, the report covers the UK’s cyber security position, both in terms of threats to the public and private...more
Cyber breach costs are skyrocketing, and it is crucial for both insureds and insurers to stay on top of cyber incident response. ?? Ensure your incident response plan is robust ?? Avoid the volatile costs of dealing with...more
The UK National Cyber Security Centre has published guidance on effective communications in a cyber incident. While targeted at organisations generally, rather than explicitly at pension scheme trustees, the guidance contains...more
Planning and developing an effective communications strategy is a critical step in preparing for a cyber security incident. Last week, the UK’s National Cyber Security Centre published guidance on communicating with...more
For episode 211, Heather and Lauren are joined by their colleague Brandon Robinson, who heads up Maynard Nexsen’s Data Privacy and Cybersecurity team. Brandon shares his wealth of knowledge on cybersecurity best practices for...more
Last week I had the pleasure of sitting down and discussing the legal implications of AI with a group of General Counsels. This group of GCs represented companies from the Fortune 100 all the way to mid-size enterprises. That...more
In today's digital landscape, where data and technology are integral to business, companies of all sizes are prime targets for cyberattacks. As privacy and data security attorneys, we see the severe impact of inadequate...more
By now, companies across all industries have become familiar with the lifecycle and stages of a ransomware incident. Generally, once an attack is contained, remediation and rebuilding will follow. Shortly after, the crisis...more
We invite you to join us for an insightful webinar on Best Practices in Cyber Preparedness for Government Contractors and Critical Infrastructure Operators on Wednesday, October 23, 2024, from 12:00 p.m. – 1:00 p.m. EDT....more
October is always a busy month for cybersecurity professionals. For the past 21 years, October has been an especially busy month for me as it is Cybersecurity Awareness Month. This means lots of employee education and...more
On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
While most entities that are subject to the HIPAA Security Rule spend considerable time and effort ensuring that they have implemented appropriate administrate and technical safeguards to protect the health information that...more