CyberSide Chats: Yes, you needed a cyber attorney a long time ago (with Erik Weinick)
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
In June 2023, the Privacy Commissioner for Personal Data in Hong Kong (the “Commissioner”) released a new guidance note on data breach handling and notifications (the “Guidance Note”). The purpose of this note is to assist...more
The landscape for preventing, responding to, and avoiding the fines and other costs associated with data breaches has changed in the last three years. Since the beginning of the pandemic, data breaches have been on the rise...more
Are you using VMware ESXi servers? Why should you worry? Unpatched VMware ESXi servers are actively being attacked against a two-year-old remote code execution vulnerability to deploy a new ESXiArgs ransomware. ...more
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the "Act"), creating new requirements for organizations operating in critical infrastructure sectors to...more
A data breach can be the result of a cyber/ransomware attack or an honest mistake. Either way, the potential impact of compromised data is huge. This impact can be financial (in the form of fines) and reputational (by...more
The Strengthening American Cybersecurity Act of 2022, a bill that narrowly failed to become law last year, was passed in the Senate on Tuesday, March 1 as a package of cybersecurity measures that would require operators of...more
This webinar is intended for eDiscovery professionals interested in the overlap between data privacy and eDiscovery capabilities, workflows and use cases. The tools to tackle the protection of personal data already exist...more
The retention of prolific sensitive, personal electronic information has essentially become a responsibility inherent in the conduct of modern business. From the maintenance of medical records by a healthcare provider to the...more
Companies and consumers alike are under perpetual assault from bad actors as IoT, work from home, and cloud migration – all intended to improve productivity – have expanded the cyber attack surface. The continually evolving...more
Faced with the resurgence of cyberattacks in our newfound era of dependence on teleworking, our team is primed to guide you through the fraught aftermath of a cyber attack: Our team will discuss: - how to come back to the...more
Report on Patient Privacy 20, no. 11 (November 2020) - In her 14-plus years of investigating and blogging about hacking and breaches, “Dissent” has been yelled at, threatened with lawsuits and accused of being a criminal....more
California continues to lead on data privacy protection. Since the adoption of the California Consumer Privacy Act (CCPA), cracking down on data breaches and promoting consumer privacy has remained a priority in the state....more
At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations)....more
In the aftermath of Equifax’s data breach, a federal court recently found that allegations of poor cybersecurity coupled with misleading statements supported a proper cause of action. In its decision, the U.S. District Court...more
Start-up companies know that, when potential investors kick the tires, they will look carefully at the company’s business model and IP portfolio. These days, investors are also likely to look at whether the company is in...more
News reports about data breach and cybersecurity incidents have increasingly become commonplace. While much of the news coverage has focused on data breach or hacking incidents impacting large institutions – Facebook,...more
On February 12, 2018, the Commodity Futures Trading Commission (CFTC) settled charges against AMP Global Clearing LLC (AMP), a futures commission merchant (FCM), for the company’s failure to adequately supervise one of its IT...more
The nightmare scenario for corporate boards and senior executives revolves around the impact of a major data breach. We have seen this first hand with Equifax, Anthem Healthcare, and Target, as prime examples. In the Equifax...more
In the wake of the latest massive data breach, this one involving Equifax, more and more companies are likely wondering what they should do in the event that they are faced with a data breach that exposes the personal data of...more
On June 1, 2017, the United States District Court for the District of Columbia issued a decision in a class action lawsuit, McDowell v. CGI Federal Inc., Civ. Action No. 15-1157 (GK) (D.D.C. 2017), which could have...more
In August 2017, the SEC’s Office of Compliance Inspections and Examinations issued a Cybersecurity risk alert directed at financial advisory firms. As part of the SEC’s 2014 Cybersecurity Initiative, seventy-five firms,...more
On August 7, 2017, the Securities and Exchange Commission (SEC) released its latest cybersecurity risk alert, detailing findings from the examination of 75 broker-dealers, investment advisers and investment companies carried...more
Employers across all industries are deep in the midst of exciting but unchartered and fluid times. Rapid and unforeseen technological advancements are largely responsible for this dynamic. And while there is a natural...more
As a life sciences or medical device company, it is mission critical to protect lab books, drug and clinical test data, product formulas and production processes that underlie your patents, trade secrets and know-how from...more
The state of New York’s Department of Financial Services (DFS) issued the first state-level regulations on cybersecurity for financial institutions with its Cybersecurity Requirements for Financial Services Companies release,...more