The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
Originally published in American Business Magazine - May 2024. Many small- and mid-sized business owners believe that they are not prime targets for a cyber breach and that threat actors only go after large companies. This...more
The EU recently introduced the AI Act, landmark legislation aimed at regulating artificial intelligence (AI) technologies. This article provides an in-depth overview of the EU AI Act, its implications for organizations, and...more
‘Tis the season for the hustle and bustle of year-end holiday activities. With that comes the increased risk of cybercriminals exploiting the season to find vulnerabilities. This includes taking advantage of increased online...more
In today’s digital landscape, organizations face numerous cybersecurity threats that can compromise their valuable digital assets, including their data, IT infrastructure, networks, software, and intellectual property (IP)....more
I recently ran across a Forbes article that I thought was spot-on, so I am sharing it with our readers. Entitled “5 Tips For How To Handle Consumer Privacy Concerns,” the article astutely points out that “In the age of...more
Most businesses began 2021 with ambitions to return to the office. But in keeping with a trend of disruption, we are faced with new COVID variants, questions on when and how schools will respond, a cultural shift towards...more
It’s no secret that compliance is a huge part of a corporate lawyer’s job. Whether it’s internal or external compliance, there’s a lot that needs to be done to keep a business operating smoothly and on the right side of the...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
Welcome to #WorkforceWednesday. The Chief Legal Officer (“CLO”) plays a key role in supporting employers as the workforce transitions back to the workplace. This week we have a special edition for you. As enterprises...more
In today’s connected world, businesses face constant pressure to improve their cybersecurity practices and to confirm that they are meeting industry standards. To continue helping businesses achieve those goals, the SEC...more
On January 27, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) announced its most recent Cybersecurity and Resiliency Observations. This report highlights specific practices that have been, and can be...more
It starts inconspicuously enough with an email. You’re busy, so without thinking, you quickly open it and view the attachment. You may have just compromised the security of your entire company and the privacy of every client....more
Data security and privacy concerns have become one of the top issues keeping business leaders up at night. According to the Ponemon Institute’s 2018 study regarding the cost of data breaches, data breaches are increasingly...more
We all have been trained to look at website addresses with a critical eye to make sure they have “https,” as those websites are supposed to be secure. The “s” at the end signifies to us that it is secure. The lock at the...more
If you handle or maintain personal information about your employees, such as social security numbers and payroll information, you should take steps to protect that data....more
When it comes to digital threats, universities must protect not only a broad and deeply layered infrastructure, but also vast populations of students. In this episode, Elisa D’Amico and Desiree Moore outline their top five...more
In data privacy and security jargon, an insider threat usually includes: an employee who creates a security risk due to a lack of awareness or carelessness, but doesn’t mean to do...more
In our last article, we showed you how to evaluate where your organization sits on the landscape of readiness and preparedness. In this concluding article, we identify concrete steps you can immediately employ to move your...more
It is a myth that employees hate training and education. I have seen it with my own eyes. It is very exciting to watch an audience visibly cover their mouths when real life stories are told about cyber-attacks and phishing...more
Due to the dramatic increase and changing nature of cyber risks, mergers and acquisitions due diligence should expand to address cyber risks, available risk mitigation practices, and available insurance. Acquiring companies...more
You continue to hear that your employees are your biggest risk when it comes to causing a data breach. Recent incidents that we have been involved in that were caused by employee error include...more
Recent, highly publicized data security incidents highlight the continued vulnerability of corporate information systems. Notably, employees who fall prey to sophisticated phishing e-mails and other scams often contribute to...more
Once again it’s time for our annual review of trends and events that will impact your Ethics and Compliance (E&C) program in the year ahead. This year presents a unique challenge. We are preparing our predictions...more
According to a study by Softchoice, 1-in-5 employees still keep their passwords in plain sight (like a Post-it Note on their desk or in the top drawer of their desk—now that’s original), have accessed work files from a device...more
Companies need specific, well-executed plans to meet growing demands of federal and state agencies. While cybersecurity risks have increased, government regulation has traditionally lagged behind. Recently, some...more