News & Analysis as of

Cybersecurity Corporate Counsel

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Proskauer - Employee Benefits & Executive...

DOL Updates Guidance on Pension and Health & Welfare Plan Cybersecurity Best Practices

In 2021, the U.S. Department of Labor (DOL) issued 3 documents outlining guidance on cybersecurity practices for benefits plans, which we discussed in a blog post at the time. The DOL recently issued revised versions of the...more

BCLP

Navigating a Security Incident - Best Practices for Engaging Service Providers - September 2024

BCLP on

With the recent wave of ransomware and other security incidents, it is now more important than ever for impacted organizations to have a thorough understanding of each element of a proper data breach response. That includes...more

Osano

The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1

Osano on

In this episode of The Privacy Insider Podcast, Keith Enright, the outgoing Chief Privacy Officer at Google, joins host Arlo Gilbert to share what it’s like to be at the privacy helm of one of the world’s most influential–and...more

Akin Gump Strauss Hauer & Feld LLP

Cybersecurity After SolarWinds: Practical Guidance for CISOs Under the New Rules

Judge Engelmayer’s 107-page dismissal of most of the U.S. Securities and Exchange Commission (SEC)’s claims against SolarWinds provides valuable guidance, and some comfort, for public companies and Chief Information Security...more

Wiley Rein LLP

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

Wiley Rein LLP on

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

Fisher Phillips

Disclosure of Data Through Website Cookies May Be a Data Breach – What A Recent Court Ruling Means for Healthcare Businesses

Fisher Phillips on

A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more

Wilson Sonsini Goodrich & Rosati

Substantial New CCPA Regulations Inch Closer to Reality: A High-Level Overview of the New Requirements and Their Projected $4...

On July 16, 2024, the California Privacy Protection Agency (CPPA) Board met to discuss advancing a substantial draft California Consumer Privacy Act (CCPA) rulemaking package to formal proceedings. The proposed...more

Fisher Phillips

If a Cybersecurity Firm Can Fall For the Latest AI Workplace Scam, So Can You: 10 Steps to Protect Your Business

Fisher Phillips on

A prominent cybersecurity training company just fell victim to an increasingly common scam when it hired a remote worker who turned out to be a North Korean cybercriminal that used AI deepfake tools to fake his identity and...more

Hinshaw & Culbertson - Privacy, Cyber & AI...

More Proposed Regulations from California: What Do These Mean for Your Business?

What Issues Did the California Privacy Protection Agency Raise? On July 16, 2024, the California Privacy Protection Agency (Agency) discussed proposed updates to the California Consumer Privacy Act (CCPA) regulations....more

Hogan Lovells

Brazil’s Data Protection Authority releases guidance on data protection officer responsibilities and duties

Hogan Lovells on

On July 16, 2024, the National Data Protection Authority (ANPD) published Resolution No. 18/2024 (Resolution 18) outlining rules on the appointment, definition, duties and activities of a Data Protection Officer (DPO) in...more

McDermott Will & Emery

SEC Faces Headwinds in SolarWinds Cybersecurity Litigation, but Public Companies and CISOs Still Under Scrutiny

McDermott Will & Emery on

On July 18, 2024, Judge Paul A. Engelmeyer in the US District Court for the Southern District of New York issued a 107-page opinion dismissing most of the claims against software company SolarWinds and its chief information...more

Coblentz Patch Duffy & Bass

2024 Mid-Year Privacy Report - A Comprehensive Look at New Developments in Data Privacy Laws

Introduction - 2024 has been another big year for privacy. Several new state privacy laws are going into effect, with several more coming in 2025, while a federal privacy law continues to be discussed that would further...more

Holland & Knight LLP

Court in SolarWinds Case Blows Down SEC's Cyber Enforcement Authority

Holland & Knight LLP on

The U.S. District Court for the Southern District of New York on July 18, 2024, dismissed most of the SEC's landmark cyber enforcement litigation against SolarWinds Corp. (SolarWinds or the Company) and the Company's Chief...more

Fenwick & West LLP

SEC v. SolarWinds: Court Dismisses the Majority of the SEC’s Securities Fraud Claims

Fenwick & West LLP on

On July 18, Judge Paul Engelmayer of the Southern District of New York issued a lengthy order dismissing the majority of the SEC’s enforcement case against SolarWinds Corporation (SolarWinds) and its CISO, Timothy Brown. The...more

McDermott Will & Emery

Draft CCPA Regulations Stalled as Agency Struggles With Applicability of ADMT Rules

McDermott Will & Emery on

On July 15, 2024, the California Privacy Protection Agency (CPPA) released proposed updates to the California Consumer Privacy Act (CCPA) regulations, including updates to the draft risk assessments, automated decisionmaking...more

Blake, Cassels & Graydon LLP

Invasion of the Data Snatchers: B.C. Court of Appeal Clarifies Possible Scope of Privacy Claims Against Data Custodians in Data...

On July 4, 2024, the B.C. Court of Appeal issued a duo of class action appeal decisions considering the potential scope of statutory and common law privacy claims against data custodians that fall victim to cyberattacks in...more

Pillsbury Winthrop Shaw Pittman LLP

The EU’s AI Act: A Review of the World’s First Comprehensive Law on Artificial Intelligence and What This Means for EU and Non-EU...

The agreed text of the AI Act was published on July 12, 2024, essentially starting the clock on the legal deadlines contained in it. Its obligations will apply in tiered phases, with the first key obligations being enforced...more

Wilson Sonsini Goodrich & Rosati

Seven New States Join Patchwork of U.S. Comprehensive Privacy Laws: Top 10 Trends from the First Half of 2024

In the first half of 2024, seven new states—Kentucky, Maryland, Minnesota, Nebraska, New Hampshire, New Jersey, and Rhode Island—all enacted their takes on comprehensive privacy laws, bringing the total number of states with...more

Wiley Rein LLP

Litigation Grows Around Website Technologies, With Focus on Sensitive Data

Wiley Rein LLP on

Data privacy-related lawsuits have skyrocketed in recent years. Federal courts saw over 900 data privacy dockets in 2020 – but witnessed a surge to 1,767 dockets in 2023. At the halfway point in 2024, federal court data...more

Fisher Phillips

Florida Governor Vetoes Cybersecurity Data Breach Immunity Bill: 4 Things Businesses Can Do to Prevent Data Breach Claims

Fisher Phillips on

To the surprise of some, Governor DeSantis recently vetoed a bill that would have provided businesses with a defense to claims arising from “cybersecurity incidents” that lead to data breaches – so long as they met a few...more

Skadden, Arps, Slate, Meagher & Flom LLP

Contractors Settle Cyber Fraud Claims Alleging Ignored Security Measures

Two recent settlements under the False Claims Act (FCA): - Signal enhanced risk around cybersecurity for recipients of federal funds. - Underscore the need to assess compliance with cybersecurity requirements and...more

Husch Blackwell LLP

U.S. Privacy Litigation Update: May 2024

Husch Blackwell LLP on

Keypoint: The Central District of California issued several wiretapping decisions in May while two decisions on the VPPA illustrate how claims fail or succeed at the pleading stage. Welcome to the fourteenth installment in...more

Cooley LLP

Utah, Colorado Pave Way for AI-Specific State Laws – Is Your Company Ready for the Impending Regulation Wave?

Cooley LLP on

The regulation of artificial intelligence (AI) has drawn significant interest from policymakers in the US, particularly at the state level. There has been a recent slew of legislative activity with respect to comprehensive AI...more

Mintz - Privacy & Cybersecurity Viewpoints

SEC Issues New Statement on Cybersecurity Incident Disclosure

Last week, Erik Gerding, Director of the SEC’s Division of Corporation Finance (the Division), issued a statement providing clarification regarding the disclosure of cybersecurity incidents by reporting companies. This...more

Vedder Price

SEC Joins Chorus of Regulators Requiring Data Breach Notifications

Vedder Price on

Last week, the U.S. Securities and Exchange Commission (“SEC”) became the latest federal regulator to implement a data breach notification law. The commissioners unanimously voted to approve amendments to Regulation S-P (the...more

1,177 Results
 / 
View per page
Page: of 48

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide