No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
By March 31, 2025, U.K. firms regulated by the Financial Conduct Authority will be required to have conducted mapping and testing to ensure they remain within their impact tolerances for identified operational risks of...more
Editor’s Note: In recent regulatory and enforcement developments, the White House announced a new executive order aimed at strengthening cybersecurity at U.S. ports, and another executive order was issued to protect sensitive...more
NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
In recent regulatory and enforcement developments, the California Privacy Protection Agency (CPPA) proposed a regulatory framework for automated decision-making technology (ADMT) and revisions to the California Consumer...more
Nelson Mullins invites you to the two-day webinar, Creating a Data Privacy & Security Playbook for 2024: An Overview of Compliance and Regulations, AI, and Data Breach Concerns, on Feb. 7 and 8 in honor of Privacy Day...more
With the pensions industry having direct experience of recent cyber security incidents, the Pensions Regulator (TPR) has updated its guidance for trustees in this area. As a reminder, this year saw Capita suffer a cyber...more
The New York State Department of Financial Services (“NYDFS”), which regulates financial services institutions including banks, insurance companies, and mortgage brokers, finalized an amendment to its Cybersecurity Regulation...more
Publications and Advisories - November 13, 2023 – Kathleen Benway, Kate Hanniford, Amy Mushahwar, Kim Peretti, and Lance Taubin published “Privacy, Cyber & Data Strategy Advisory: FTC Approved New Data Breach Notification...more
With an amendment to its Safeguards Rule, the Federal Trade Commission has joined other federal agencies regulating cybersecurity breaches. Our Privacy, Cyber & Data Strategy Team analyzes how the amendment will affect...more
On October 27, 2023, the Federal Trade Commission (“FTC”) adopted an amendment to the FTC’s Safeguards Rule that will require non-banking financial institutions to notify the FTC within thirty days of discovering a data...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
The SEC is continuing its campaign to overhaul cybersecurity, cyber incident reporting, and privacy controls and requirements for financial services industry registrants, their service providers, and corporate America...more
CYBERSECURITY - CISA Launches Cybersecurity - Public Awareness Campaign To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and...more
On June 30, the U.S. Court of Appeals for the First Circuit overruled a district court’s dismissal of a putative class action against a home delivery pharmacy service for allegedly failing to prevent a 2021 data breach that...more
Editor’s Note: Montana became the latest state to pass a comprehensive privacy bill, joining California, Virginia, Colorado, Connecticut, Utah, and Tennessee. Florida, too, passed a privacy bill, but with a much narrower...more
Cyber Resilience Programs Falling Short on Preparing Workers for a Crisis- “At two-thirds of organizations, there is a fear that almost all employees, 95%, will not understand how to recover following a cyberattack.” ...more
On February 21, the U.S. Court of Appeals for the Fourth Circuit held that a proposed class action over website login procedures belongs in state court. Plaintiff alleged that after a nonparty credit reporting agency...more
The National Credit Union Administration (NCUA) has approved new cyber incident reporting requirements for credit unions. Under the final rule, federally insured credit unions will be required to notify the NCUA of a...more
On February 16, the NCUA approved a final rule that requires federally-insured credit unions (FICUs) to notify the agency as soon as possible (and no later than 72 hours) after a FICU “reasonably believes that a reportable...more
While new comprehensive state privacy laws took most of the headlines this year, security threats and incident response remain key risk factors for privacy compliance programs and the subject of important legal developments....more
Student Loans - Supreme Court Likely to Rule that Biden Student Loan Plan is Illegal, Experts Say. Here’s What that Means for Borrowers - “Long before the president acted, Republicans had criticized student loan...more
In August 2022, the Consumer Financial Protection Bureau (CFPB) published a circular confirming that, under certain circumstances, entities may “violate the prohibition on unfair acts or practices in the Consumer Financial...more
CYBERSECURITY - New York DFS Fines Robinhood $30M for “Significant” Cybersecurity Violations - The New York Department of Financial Services (DFS) announced its first ever penalty against a cryptocurrency platform...more
Online mortgage lender Lending Tree sent breach notification letters to affected individuals on June 29, 2022. The letter advises those persons that their name, social security number...more