12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
Unauthorized Access: An Inside Look at Incident Response
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
On September 10, 2025, the U.S. Department of Defense (DoD) published its long-awaited final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements related to the...
The U.S. Securities and Exchange Commission (the “SEC”) adopted changes to its Electronic Data Gathering, Analysis, and Retrieval System (“EDGAR”) used by private and public companies and other reporting persons to submit...
The FAR Council is undertaking a systematic approach to revising the FARs. On August 15, 2025, it released its revisions to FAR Part 4, Administrative and Information Matters, FAR Part 8, Required Sources of Supplies and...
The FTC has issued FAQs for Gramm-Leach-Bliley Act (GLBA) Safeguards Rule compliance by Motor Vehicle Dealers. Here is what you need to know: Step 1: Are you a financial institution? • You are if you either finance (or...
Succession planning has long been a cornerstone of business continuity. It ensures that ownership transitions happen smoothly, that leadership changes do not disrupt operations, and that enterprise value is protected (or even...
12 O’Clock High, an award-winning podcast on business leadership, brings together stories from history, the arts, sports, movies, research, and current events to consider leadership lessons. In this episode, Tom Fox welcomes...
Written Information Security Programs, commonly referred to as WISPs, are critical plans to have in place – not only to efficiently and effectively respond to ransomware attacks and data breaches when they occur – but to...
Drug and device manufacturers are increasingly targeted by cyber threats that can compromise patient safety, intellectual property, and other critical data and systems, while also facing new regulatory demands. As regulators...
As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...
Section 847 is widely regarded as a seismic shift that will result in a jump from 2,000 to 41,000 cases being processed annually! In anticipation of this, DCSA has been scaling up their resources and personnel. ACI’s 8th...
While technology plays a pivotal role in cybersecurity, the human element is equally crucial. An organization's culture can significantly influence the effectiveness of its cybersecurity measures. A strong cybersecurity...
May 1 is World Password Day, a day for organizations to remind their employees of the importance of using strong passwords and practicing good password hygiene to protect personal and work accounts. It’s a time for...
On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...
On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...
Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...
On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...
This winter, Latham’s Investment Funds Practice provided guidance on the Securities and Exchange Commission’s (SEC) 2025 examination priorities for private fund advisers in the latest installment of the Private Funds...
Hawaii’s State Data Office recently issued a series of guidance documents for its state agencies on how to handle artificial intelligence. This includes guidance on data protection, data retention and use of Generative AI....
The PRC National Technical Committee 260 on Cybersecurity of SAC (“TC260”) published new Guidelines on Identifying Sensitive Personal Information (“Guidelines”) on 18 September 2024, nearly three months after it released the...
On October 31, OIG for the Fed and the CFPB released its 2024 Audit of the Board’s Information Security Program. The audit found that the Board’s information security program continues to operate at a level-4 (managed and...
On October 21, 2024, the US Securities and Exchange Commission ("SEC") Division of Examinations ("Examination Division") announced its 2025 Examination Priorities ("Report"). Investment advisers and broker-dealers should...
Country Status Legislation* Commentary Austria Available here Austria has submitted the “Network and Information Security Act” for Parliament’s consideration. It is anticipated that the “Network and Information Security Act”...
Cybersecurity Awareness Month was established more than 20 years ago to provide resources to enable organizations and their employees to stay safer and more secure online...
ISO 27001 is the leading standard for information security management systems. As Mel Blackmore, CEO of UK-based Blackmores explains, it is a framework that applies and is of value regardless of an organization’s size, sector...
With escalating cyber risks and heightened regulatory scrutiny, every minute after a data breach is crucial. Sophisticated cybercriminals relentlessly target your organization’s most valuable asset: personally identifiable...