Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Texas Limits Punitive Damage Liability For Data Security Breach...more
A year ago, we highlighted the National Institute of Standards and Technology’s ("NIST") release of a framework designed to address AI risks (the “AI RMF”). We noted how it is abstract, like its central subject, and is...more
NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
In honor of Data Privacy Week, each day this week Miller Nash is releasing one of our top five recommendations for where businesses should focus their privacy compliance efforts in 2024. If you need assistance reviewing your...more
The Federal Trade Commission (“FTC”) highlights lessons learned on privacy, data security, truth in advertising, and artificial intelligence (“AI”) in new guidance drawing from recent enforcement actions involving genetic...more
A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can...more
Publications and Advisories - November 13, 2023 – Kathleen Benway, Kate Hanniford, Amy Mushahwar, Kim Peretti, and Lance Taubin published “Privacy, Cyber & Data Strategy Advisory: FTC Approved New Data Breach Notification...more
On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This marks the first significant...more
Within the past year, a number of countries around the world, including the United States, United Kingdom, France, and The Netherlands have initiated regulatory inquiries and developed new strategies for the purpose of more...more
GoodRx Faces Million Dollar Proposed Penalty from FTC in First Enforcement Action Under the Health Breach Notification Rule - Settlement reveals views on application of unfairness authority to sharing of sensitive...more
Welcome to Holland & Knight's first monthly data privacy and security news update. We are excited to bring you the latest in policy, regulatory updates and other significant developments. ...more
Beginning in 2019, the US federal government ramped up its involvement in, and regulation of, the use of artificial intelligence (AI). The federal government is grappling with how to incentivize AI innovation responsibly,...more
Key Wireless Deadlines- FCC Seeks Comment on Unlicensed White Space Device Operations in the Television Bands: In a 2nd Order on Reconsideration and Further Notice of Proposed Rulemaking, the Federal Communications...more
In the latest of a flurry of FTC actions, the agency recently announced that it had entered into a consent order with CafePress, an online customized merchandise platform, over allegations that it failed to secure consumers’...more
Consumer software providers will soon have the option to label their software as compliant with National Institute of Standards and Technology (NIST) standards for software security. On November 1, 2021, NIST published its...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Releases Revision to Security Standard - On September 23, the National Institute of Standards and Technology ("NIST") released Revision 5 to...more
The National Institute of Standards and Technology has issue a set of draft principles for “explainable” artificial intelligence and is accepting comments until October 15, 2020. The authors of the draft principles outline...more
Commercial landlords and tenants are preparing to safeguard their employees and customers from COVID-19 risks. Thermal cameras to measure temperatures, facial recognition, Bluetooth, Wi-Fi, and GPS are all being leveraged to...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - Cybersecurity Standards Issued for Government Contractors - On January 31, the Office of the Under Secretary of Defense for Acquisition and...more
The FTC recently released its annual privacy and security report, providing a snapshot of the issues focused on in the previous year. These reports are often looked at as a signal for insights into the agency’s upcoming...more
This Week: FTC releases annual privacy and data security report; AI: White House endorses OECD efforts, Pentagon adopts new ethical principles; FAA hosts Drone Advisory Committee meeting, solicits new members....more
“Reasonable” and “adequate” seem like benign terms — until you have to litigate using them as a standard for adequate data security. Over the coming years, the definition of “reasonable security” (and the alleged failure of...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the EU advocate general's decision in Schrems II, a federal court's ruling that an insurer owed coverage for a social engineering loss, the Chinese...more
Selected Developments in U.S. Law - NIST Publishes Privacy Framework Version 1.0 - On January 16, 2020, the National Institute of Standards and Technology (NIST) published Version 1.0 of its Privacy Framework: A Tool for...more