No Password Required: From Heavy Metal to the Front Lines of Cyber Innovation
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Cybersecurity: What Healthcare Providers Need to Know
2022 DSIR Deeper Dive: NFTs
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
Hot Topics: Risk Management for Cybersecurity
2022 DSIR Report Deeper Dive: The Expanding Landscape of State Data Privacy Laws
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
2022 DSIR Report Deeper Dive: Personal Data Deletion
Panel Pursuit: The Ins and Outs of Becoming a Preferred Panel Vendor - Unauthorized Access Podcast
Significant data breaches have affected major players in the healthcare industry in the last year, with the methods of attack being as diverse as the affected entities themselves. Originally published in Law360 - June 4,...more
On August 19, 2025, the Massachusetts Attorney General announced a $795,000 settlement with Peabody Properties, Inc., a Braintree, Massachusetts-based property management company, over serious failures in its handling of...more
The Agency for Health Care Administration (AHCA) has proposed a new Florida Administrative Code Regulation (Rule) regarding "data breach transparency." The Rule will apply to the following...more
Rhode Island has enacted Senate Bill 603 (SB603), effective July 2, 2025, establishing a comprehensive cybersecurity framework for nonbank financial institutions licensed by the state’s Department of Business Regulation...more
As major cyber-attacks continue to cause widespread organisational and economic disruption, and botnets are being discovered which have the capability of comprising entire organisations, many businesses are re-evaluating...more
The new world of AI presents significant benefits and risks that need to be addressed in an overall governance framework. Luckily, the principles to apply here will surprise no one — governance, compliance, legal and risk...more
INTRODUCTION - The Protection of Critical Infrastructures (Computer Systems) Bill (the "Bill"), as the first law in Hong Kong to deal with cybersecurity was passed on 19 March 2025, and will come into force on 1 January 2026....more
In its FY 2026 budget, Ohio quietly folded in a sweeping cybersecurity mandate that will require every “political subdivision” to have a cybersecurity program that aligns with recognized industry frameworks and adopt strict...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more
In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more
On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
We invite you to join us for an insightful webinar on Best Practices in Cyber Preparedness for Government Contractors and Critical Infrastructure Operators on Wednesday, October 23, 2024, from 12:00 p.m. – 1:00 p.m. EDT....more
Who may be interested: Investment Companies; Investment Advisers; Broker-Dealers; Transfer Agents - The SEC adopted amendments to Regulation S-P imposing new data privacy and security requirements on broker-dealers,...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more
Our Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational opportunities for...more
I am hardly saying that SEC Regulation S-P is the sexiest of regulations. I mean, has any customer is history actually read one of those exciting statement stuffers that discloses in some dense font a BD’s privacy policy?...more