No Password Required: From Heavy Metal to the Front Lines of Cyber Innovation
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Cybersecurity: What Healthcare Providers Need to Know
2022 DSIR Deeper Dive: NFTs
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
Hot Topics: Risk Management for Cybersecurity
2022 DSIR Report Deeper Dive: The Expanding Landscape of State Data Privacy Laws
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
2022 DSIR Report Deeper Dive: Personal Data Deletion
Panel Pursuit: The Ins and Outs of Becoming a Preferred Panel Vendor - Unauthorized Access Podcast
Data asset protection is traditionally associated with industries and entities that develop or store particularly sensitive information, like tech companies, hospitals, law firms, and government entities. However, data asset...more
Data is at the center of our digital economy and provides endless ways to interact and connect with customers. Maintaining more data means taking on more risk. Join us for an interactive program that begins in the middle of a...more
Salesloft issued a security notification on August 26 regarding its Drift application. It appears to be a broad opportunistic attack on Salesloft/Drift instances integrated with Salesforce tenants. Salesloft issued updates...more
On May 16, 2024, the SEC, under former Chair Gary Gensler, adopted sweeping amendments to Regulation S-P, which governs the privacy and data security of nonpublic consumer personal and financial information for a broad range...more
On July 30, 2025, a wine producer was sued in connection with a cyberattack that allegedly compromised the data of at least 26,000 customers. Among other things, the complaint alleges that the company failed to implement...more
The new world of AI presents significant benefits and risks that need to be addressed in an overall governance framework. Luckily, the principles to apply here will surprise no one — governance, compliance, legal and risk...more
On May 16, 2024, the Securities and Exchange Commission (SEC) adopted sweeping amendments to Regulation S-P, which governs the privacy of nonpublic consumer personal and financial information for a broad range of financial...more
NAVEX dominates the hotline market. Given its global footprint, NAVEX has access to a large database of employee reports. Building on this unique perspective, NAVEX provides an annual report analyzing the employee reporting...more
Health care remains one of the most targeted and vulnerable sectors when it comes to cyberattacks. In fact, a recent breach at a major health care analytics firm exposed the data of 5.4 million U.S. patients, making it one of...more
In its FY 2026 budget, Ohio quietly folded in a sweeping cybersecurity mandate that will require every “political subdivision” to have a cybersecurity program that aligns with recognized industry frameworks and adopt strict...more
As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
The world of data and tech are advancing at lightning speed. Associated with this, governments and regulators are imposing more robust frameworks and legislative requirements to help safeguard organisations and the data they...more
Unlike Europe’s comprehensive General Data Protection Regulation framework, the United States still lacks an all-encompassing data privacy statute. Instead, data centers operating in the United States must navigate a complex...more
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
Information leaks can range from exposures of internal decisions and salary data to the disclosure of intellectual property, strategy documents, or board minutes. Whether accidental or intentional, these leaks demand...more
Law firms, accounting firms, and consulting firms are embracing AI to improve efficiency, deliver insight, and stay competitive. But without intentional governance, compliance, and policy frameworks, these innovations can...more
In an era where digital threats are more sophisticated than ever, cybersecurity has become a pressing concern for family enterprises. These businesses are attractive targets for cyberattacks and need to balance the critical...more
Businesses with employees in Hong Kong should be aware of new guidelines aiming to help companies develop policies on generative AI use in the workplace. Although the new guidelines are not binding, they are meant to align...more
On March 28, 2025, the Florida Bar unanimously approved Recommendation 25-1, which was proposed by its Cybersecurity & Privacy Law Committee and encourages all Florida Bar members and their firms to adopt certain proactive...more
In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
1. Know What Laws Apply to your Organization It’s not surprising many leaders are unsure about which new laws or regulations apply to their organization. Privacy and security laws, particularly in the U.S., have changed...more