No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
At its December meeting, the Federal Communications Commission approved a Report and Order modifying its data protection rules. The order expands the scope of protected data to include personally identifiable information....more
“Material Cybersecurity Incident” Standard Will Have a Monumental Impact on Current Cyber Disclosure Requirements - On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted the Cybersecurity Risk...more
The Securities and Exchange Commission is gaining traction in the enforcement of cybersecurity and disclosure requirements. The SEC has a lot on its plate these days – ESG, cybersecurity, and the traditional mix of...more
With a dizzying array of state privacy laws on the horizon, the prospect of a federal solution has come into sharp focus. Rather than a patchwork of regional legislation, a comprehensive national framework would potentially...more
Adding insult to injury for cruise ship company Carnival Corporation (Carnival) following the hit from the pandemic to the travel industry, as well as a class action lawsuit relating to the Diamond Princess’ fate during the...more
In a recent decision, a Virginia federal magistrate judge held that the attorney work product doctrine did not protect from discovery a forensic investigation report created for Capital One in the wake of a 2019 data breach....more
The latest HIPAA resolution agreement by the U.S. Department of Health and Human Services Office for Civil Rights (OCR) is a reminder that healthcare providers must take the high road when responding to unflattering online...more
The Office for Civil Rights (OCR) at the Department of Health and Human Services announced it reached a settlement with Elite Dental Associates of Dallas (Elite) to resolve a complaint alleging Elite impermissibly disclosed a...more
The dust has finally settled in the California State Legislature and the big winner for amendments to the CCPA is AB-25, which started out as carving out employees from the definition of consumer for the purpose of CCPA. The...more
Don’t wait to implement your California Consumer Privacy Act (CCPA) compliance as it could require changes to your operations. CCPA can apply to businesses even if they do not have offices or employees in California. It can...more
New York’s state legislature is considering a new data privacy law that would set the standard for data privacy in the U.S. The New York Privacy Act (the “NYPA” or the “Act”), which is currently being considered by the state...more
• California's protracted legislative and regulatory process has complicated the landscape for businesses needing to implement the operational, technical and procedural changes required by the California Consumer Privacy Act....more
One of the first questions a company must answer after it discovers and remediates a data breach is, “What do we tell our customers?” Companies may delay publicly announcing a data breach out of fear that doing so will harm...more
The California Consumer Privacy Act of 2018 (“CCPA”) was signed into law by Governor Jerry Brown on June 28, 2018, and goes into effect on January 1, 2020....more
On January 1, 2019 Vermont’s breach notice law will include obligations specific to data brokers. A “data broker” is defined as a business that “knowingly collects and sells or licenses to third parties the brokered personal...more
Most attorneys are well aware of statutory obligations that require private and governmental entities to notify individuals of data breaches that involve the loss or disclosure of personally identifiable information. An area...more
Privacy activists cheered when, on June 28, 2018, Governor Brown signed into law the strictest consumer privacy law in the United States; the California Consumer Privacy Act of 2018 (“CCPA”). Effective January 1, 2020, the...more
As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation...more
The California legislature unanimously approved and California Governor Jerry Brown signed into law the California Consumer Privacy Act of 2018 (CCPA) on June 28, 2018. The CCPA is arguably the most far-reaching data...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
This is the fifth installment in a series of articles. For more background on this topic, please read our first article in the series, An Introduction to Financial Technology; our second article, The FinTech Revolution:...more
With California enacting a sweeping new data privacy law on June 28, now is the time for companies to review and adjust to how the California Consumer Privacy Act will impact their business. The act, which has broad...more
In response to controversies concerning consumers’ personal information, such as the Facebook/Cambridge Analytica controversy, and a California ballot initiative that qualified for the November ballot and proposed the...more
California recently passed and signed into law a privacy bill that provides California consumers with data protections that share key features with the European Union's GDPR. While not nearly as strict or extensive as the...more