Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more
On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more
Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more
On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more
This winter, Latham’s Investment Funds Practice provided guidance on the Securities and Exchange Commission’s (SEC) 2025 examination priorities for private fund advisers in the latest installment of the Private Funds...more
Hawaii’s State Data Office recently issued a series of guidance documents for its state agencies on how to handle artificial intelligence. This includes guidance on data protection, data retention and use of Generative AI....more
The PRC National Technical Committee 260 on Cybersecurity of SAC (“TC260”) published new Guidelines on Identifying Sensitive Personal Information (“Guidelines”) on 18 September 2024, nearly three months after it released the...more
On October 31, OIG for the Fed and the CFPB released its 2024 Audit of the Board’s Information Security Program. The audit found that the Board’s information security program continues to operate at a level-4 (managed and...more
On October 21, 2024, the US Securities and Exchange Commission ("SEC") Division of Examinations ("Examination Division") announced its 2025 Examination Priorities ("Report"). Investment advisers and broker-dealers should...more
On October 21, 2024, the Division of Examinations (“EXAMS” or the “Division”) of the U.S. Securities and Exchange Commission (“SEC”) released its examination priorities (the “2025 Priorities”) for fiscal year 2025 (which...more
Country Status Legislation* Commentary Austria Available here Austria has submitted the “Network and Information Security Act” for Parliament’s consideration. It is anticipated that the “Network and Information Security Act”...more
Cybersecurity Awareness Month was established more than 20 years ago to provide resources to enable organizations and their employees to stay safer and more secure online...more
Artificial intelligence (AI) has the power to revolutionize health care. In oncology, there are now opportunities to apply AI to support diagnostics, predictive analytics, and administrative functions. This hot topic was...more
TracFone, the pre-paid phone company, recently settled with the FCC over allegations that the company failed to protect customer information during three different data incidents. According to the FCC, in each of the...more
This week, the Federal Communications Commission (FCC) announced a settlement with TracFone Wireless to resolve investigations into whether TracFone failed to reasonably protect its customers’ information from unauthorized...more
Learning Objectives: - Explain the evolution of state data protection laws over the past year - Explore the focus on protecting health consumers - Describe practical approaches on how to build a privacy program when...more
ISO 27001 is the leading standard for information security management systems. As Mel Blackmore, CEO of UK-based Blackmores explains, it is a framework that applies and is of value regardless of an organization’s size, sector...more
Our latest six eDiscovery case law rulings MAY be our best ever! See what I did there? Our May 2024 monthly webinar of cases covered by the eDiscovery Today blog discusses disputes related to prolonged lack of cooperation in...more
Keypoint: Colorado employers and controllers that collect and process biometric data and identifiers will need to comply with disclosure, consent, and retention requirements beginning on July 1, 2025. In late April, the...more
With escalating cyber risks and heightened regulatory scrutiny, every minute after a data breach is crucial. Sophisticated cybercriminals relentlessly target your organization’s most valuable asset: personally identifiable...more
Utah, among other privacy laws it has enacted or modified recently, has also modified its breach notification law. This follows last year’s changes to the law, which among other things codified the state’s Cyber Center....more
The recent ransomware attack against the Duvel Moortgat Brewery demonstrated the very real risk that cybersecurity incidents pose to the alcohol industry, reportedly halting operations for several days at four of Duvel...more
NETWORK AND INFORMATION SECURITY 2 DIRECTIVE (NIS2) - WHO WILL BE IN SCOPE? Operators of essential and important services across various sectors including energy, transport, banking, health, medical devices, chemicals...more
Hosted by American Conference Institute, the 14th Advanced Forum on Global Encryption, Cloud & Cyber Export Controls returns for another exciting year with curated programming that brings together a global gathering of...more
Pressure for companies to use AI to gain a competitive advantage (or at least not fall behind versus competitors) is steadily rising, and in 2024, CEOs will push their Legal, Compliance, Privacy, and IT Teams to deploy AI...more