AI Today in 5: August 7, 2025. The US v. China Episode
Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
Effective July 1, 2025, Tennessee enters the national privacy conversation with the Tennessee Information Protection Act (TIPA), becoming the latest state to enact a comprehensive consumer data privacy law. However, this...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
Biden’s sweeping AI Executive Order sought to have artificial intelligence used in accordance with eight underlying principles. The order, while directed to government agencies, will impact businesses as well. In particular,...more
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach. Originally published in Reuters -August 24, 2023...more
In response to a constantly-evolving cyber threat landscape, the Biden Administration recently announced the launch of a new cybersecurity labeling program – the U.S. Cyber Trust Mark program – in an effort to enhance...more
On May 11, 2023, Governor Bill Lee signed the Tennessee Information Protection Act (TIPA) into law. Tennessee now joins the rapidly increasing group of states, California, Utah, Colorado, Connecticut, Virginia, Iowa and...more
It has been an active legislative season, with numerous states advancing new data privacy laws. In May, Indiana, Montana, and Tennessee joined Iowa in adopting new privacy laws, while the legislature in Texas sent an omnibus...more
The Tennessee governor has signed Tennessee’s comprehensive privacy law, which as we have indicated will go into effect July 1, 2025. As initially proposed, the law would have been effective July 1, 2024, and would have...more
On Friday, April 21, the Montana and Tennessee state legislatures approved comprehensive privacy law proposals. In Montana, the state senate passed an amended version of the Montana Consumer Data Privacy Act (SB 384) in a...more
CYBERSECURITY NIST - Releases Guidance on Supply Chain Security - The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain...more
Do you want a simple way to keep current on important privacy changes? Avoid sleepless nights wondering whether you missed a privacy speed bump or pothole between annual updates? Worry no longer. Troutman Pepper is pleased to...more
Under the California Consumer Privacy Act, any California consumer whose personal information is compromised “as a result of the business’ violation of the duty to implement and maintain reasonable security procedures and...more
As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more
On Tuesday, November 26, Sen. Maria Cantwell (D-WA), Ranking Member of the Senate Commerce, Science, and Transportation Committee, introduced the Consumer Online Privacy Rights Act. The bill notably contains a private right...more
Federal US News - FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements - The FTC reached a settlement with a background screening company over allegations it falsely claimed...more
2019 will bring significant privacy law changes in the U.S. These changes will require significant compliance efforts by companies operating in the U.S. this year. It is still an open question as to whether those compliance...more
On the heels of the European Union's General Data Protection law, which went into effect in May 2018, California has enacted the California Consumer Privacy Act ("CCPA")—the result of an 11th-hour compromise between...more
Although numerous attempts have been made to pass a comprehensive U.S. privacy law over the years, this one might actually succeed. Efforts have begun on multiple fronts. ...more