Find Someone Observant: The Vital Role of Facility Security Officers
2023 DSIR Report Deeper Dive into the Data
Guidepost in Motion - Cybersecurity Frameworks and Metrics Part 2
Debra Geroux and Scott Wrobel on Responding to Data Breaches
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
In June 2023, the Privacy Commissioner for Personal Data in Hong Kong (the “Commissioner”) released a new guidance note on data breach handling and notifications (the “Guidance Note”). The purpose of this note is to assist...more
We’re back with a deeper dive into the 2023 Data Security and Incident Response Report, which features insights and metrics from 1,160+ incidents in 2022. This episode dives deeper into the data, including ransomware and...more
The guidance encourages organisations to formulate a data breach response plan, and outlines recommendations for handling an increasing number of data breach incidents. On 30 June 2023, the Office of the Privacy...more
While the cloud has become commonplace in our everyday lives, many legal teams are still missing out on the benefits of cloud-based ediscovery software. As of 2021, there is a 50/50 split between ediscovery solutions...more
The US Securities and Exchange Commission (SEC) issued a notice of proposed rulemaking (the Proposal) on March 15 that would require SEC-regulated investment advisers, investment companies, and broker dealers to provide...more
Today’s Privacy Reality: AI, Assessments, Breach and DSARs is a webcast that will bring together a panel of experts to discuss the impact of artificial intelligence (AI) on privacy and cybersecurity. The panel will address...more
Cybersecurity is a key risk factor for emerging applications of artificial intelligence to medical devices. Products failing to address security risks may leave themselves vulnerable to cyberattacks. Bad actors target...more
The new guidelines provide insight into how businesses can submit applications to the CAC in order to obtain approval via the CAC security assessment cross-border data transfer requirement. As of September 2022, all...more
The much-anticipated Security Assessment Measures for Outbound Data Transfers (hereinafter referred to as "the Measures") of China has already come into effect on September 1, 2022, and on the eve of the effective date, the...more
Join Mitratech & Escrypt in this electrifying new webinar on strengthening cybersecurity maturity. As local and global automotive cybersecurity regulations, standards, and guidelines increase in complexity, organizations are...more
Vendor-caused incidents continued to surge in 2021. Nearly 20 percent of the total incidents we handled last year were caused by vendors, with more than half requiring notification....more
On March 30, 2022, the U.S. Securities and Exchange Commission’s (“SEC”) Division of Examinations released its exam priorities for fiscal year 2022 (the “2022 Priorities”). As in years past, these exam priorities naturally...more
Ken Mendelson welcomes back Andy Cottrell, the founder and CEO of cybersecurity consulting firm Truvantis to talk more about cybersecurity frameworks. They discuss the difference between a cyber audit and cyber assessment and...more
On March 1st, the United States Senate passed a historic cybersecurity bill with bipartisan and unanimous support. This bill impacts operators of federal infrastructure and federal civilian agencies. The Strengthening...more
Data Privacy Day is celebrated on January 28 each year to raise awareness about the importance of respecting privacy, safeguarding data and enabling trust. In honor of Data Privacy Day, now is an ideal time to review your...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
When a data breach occurs, one step is often overlooked in the rush to remediate: preserving as much of the data logs and backups as possible That’s a mistake, say Debra Geroux, Shareholder at Butzel Long and Scott Wrobel,...more
As the COVID-19 pandemic and social distancing enforced remote work only accelerated the move to the cloud for many organizations, it should come as no surprise that the use of cloud-based solutions continues to be on the...more
Federal government lessees seeking to occupy high-security spaces in foreign-owned buildings will be required to obtain complete beneficial ownership and impose access restrictions on owners and property managers. The...more
A cyber breach can have serious legal, financial, and reputational consequences for a company, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT...more
A cyber breach can have serious legal, financial, and reputational consequences for a fund sponsor, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT...more
We are living in the age of data and big data, where everyone wants to collect as much information as possible. The ability to analyze and monetize such information is a key strategy and selling point for many businesses. ...more
Background - On January 27, 2020, the U.S. Securities and Exchange Commission's Office of Compliance Inspections and Examinations ("OCIE") published its Cybersecurity and Resiliency Observations. Cybersecurity and data...more
The FTC recently summarized three major changes it made to its orders in data security cases. In a blog signaling these changes, the FTC Indicated that some of the things it has been requiring of companies in 2019 are here to...more