No Password Required: From Heavy Metal to the Front Lines of Cyber Innovation
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Cybersecurity: What Healthcare Providers Need to Know
2022 DSIR Deeper Dive: NFTs
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
Hot Topics: Risk Management for Cybersecurity
2022 DSIR Report Deeper Dive: The Expanding Landscape of State Data Privacy Laws
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
2022 DSIR Report Deeper Dive: Personal Data Deletion
Panel Pursuit: The Ins and Outs of Becoming a Preferred Panel Vendor - Unauthorized Access Podcast
On this Ropes & Gray podcast, Nitish Upadhyaya, director of behavioral insights at R&G Insights Lab, is joined by partners from Ropes & Gray’s global crisis management & investigations practice—Jim Dowden, Laura Hoey, Josh...more
Data asset protection is traditionally associated with industries and entities that develop or store particularly sensitive information, like tech companies, hospitals, law firms, and government entities. However, data asset...more
One key lesson from the ongoing ransomware epidemic is clear: threat actors don’t discriminate. It doesn’t matter who you are or what your business does — if they see an opening, they’ll exploit it, ready or not. Despite...more
The new world of AI presents significant benefits and risks that need to be addressed in an overall governance framework. Luckily, the principles to apply here will surprise no one — governance, compliance, legal and risk...more
How do I protect my executives from deepfakes? You can take several steps to protect your executives from deepfakes, including: Awareness: Educate executives about the risks and warning signs of deepfakes. Monitoring:...more
Written Information Security Programs, commonly referred to as WISPs, are critical plans to have in place – not only to efficiently and effectively respond to ransomware attacks and data breaches when they occur – but to...more
A single outage can spiral into hours of downtime, frustrated customers, and significant revenue loss across your business....more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more
Law firms, accounting firms, and consulting firms are embracing AI to improve efficiency, deliver insight, and stay competitive. But without intentional governance, compliance, and policy frameworks, these innovations can...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more
As we look back on the SEC’s actions in 2024, we wanted to share our thoughts on lessons learned that we believe will carry through to 2025....more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
It’s not enough to have the right policies in place — you have to embed those policies into the fabric of your organization. In today’s fast-paced and interconnected business world, ensuring compliance and building an...more
SEC DROPS NEW REQUIREMENT FOR INCIDENT RESPONSE PROGRAMS, PROPOSAL FOR RIAS TO ADOPT CIP, SEC EXAMS SHARES MARKETING RULE FAILURES, RIA SLAMMED FOR FAILING TO RETAIN TEXTS, AND SEC WINS ON SHADOW TRADING THEORY - Welcome to...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more
On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
It has been a full year since the initial comment period closed on the Securities and Exchange Commission’s (“SEC”) proposed rule on cybersecurity disclosure, governance, and risk management for public companies (the...more
Over the past few months, the OIG shorts series focused on structuring and implementing a comprehensive and effective ethics and compliance program. Many times, this requires a mindset shift from a checking-the-box mentality...more
The modern security ecosystem is diverse and ever-changing, a place where cyber risk is top of mind for leaders at all levels, and threats to information / data security and privacy evolve at the speed of the technical...more