Find Someone Observant: The Vital Role of Facility Security Officers
2023 DSIR Report Deeper Dive into the Data
Guidepost in Motion - Cybersecurity Frameworks and Metrics Part 2
Debra Geroux and Scott Wrobel on Responding to Data Breaches
New Jersey rang in the new year with the signing of a state privacy bill. On Jan. 16, Gov. Phil Murphy signed SB No. 322, stating he was proud that New Jersey had joined the ranks of states with consumer privacy bills....more
In June 2023, the Privacy Commissioner for Personal Data in Hong Kong (the “Commissioner”) released a new guidance note on data breach handling and notifications (the “Guidance Note”). The purpose of this note is to assist...more
The guidance encourages organisations to formulate a data breach response plan, and outlines recommendations for handling an increasing number of data breach incidents. On 30 June 2023, the Office of the Privacy...more
The new guidelines provide insight into how businesses can submit applications to the CAC in order to obtain approval via the CAC security assessment cross-border data transfer requirement. As of September 2022, all...more
The California Consumer Privacy Act (CCPA) has forced companies across the United States (and even globally) to seriously consider how they handle the personal information they collect from consumers. By its terms, however,...more
Last week, Governor Cuomo signed the SHIELD Act into law. As a result, organizations that maintain private information concerning New York state residents will have to develop compliance programs before the law becomes...more
In early June, the Cyberspace Administration of China released for public comment new draft regulations applicable to the collection of personal information relating to children under 14 by online service providers. The...more
The Federal Trade Commission is putting more teeth into the multiyear compliance obligations of consent orders it enters into with companies to settle enforcement actions related to data breaches. The FTC recently issued a...more
As businesses continue to digitise their assets and operations, the need to continually assess IT infrastructure and the technical measures in place to safeguard key information assets and data becomes ever more important....more
The EU’s General Data Protection Regulation (GDPR), which went into effect in May 2018, requires companies to implement appropriate security measures when handling personal data....more
The era of big data is here. Although we are yet to see its full potential, the use of big data analytics is already proving invaluable to businesses and its applications have been found in numerous and diverse sectors. ...more
Connected medical devices deliver numerous benefits not available before, including improved monitoring of patient welfare and a wealth of vital data. But for all the advantages available through these devices, their...more
The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more
Earlier this month, privacy and security professionals from around the globe gathered for “Privacy. Security. Risk. 2015”—the second joint conference between the International Association of Privacy Professionals and the...more
On Friday, Oct. 2, home design and renovation company, Houzz, Inc., reached a settlement with the Office of California Attorney General Kamala Harris over allegations that Houzz had recorded customer and employee...more
Seventh Circuit Decision May Make It Easier for Class Action Plaintiffs to Establish Standing in Data Breach Cases - The Seventh Circuit has issued a decision that could make it much easier for class action plaintiffs to...more