The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
The EU recently introduced the AI Act, landmark legislation aimed at regulating artificial intelligence (AI) technologies. This article provides an in-depth overview of the EU AI Act, its implications for organizations, and...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
The Internet of Things (“IoT”) has ushered in a new era of connectivity and convenience, but with it comes a host of legal issues and emerging theories of liability. As IoT devices become increasingly ubiquitous in our daily...more
New Jersey rang in the new year with the signing of a state privacy bill. On Jan. 16, Gov. Phil Murphy signed SB No. 322, stating he was proud that New Jersey had joined the ranks of states with consumer privacy bills....more
In June 2023, the Privacy Commissioner for Personal Data in Hong Kong (the “Commissioner”) released a new guidance note on data breach handling and notifications (the “Guidance Note”). The purpose of this note is to assist...more
We’re back with a deeper dive into the 2023 Data Security and Incident Response Report, which features insights and metrics from 1,160+ incidents in 2022. This episode dives deeper into the data, including ransomware and...more
The guidance encourages organisations to formulate a data breach response plan, and outlines recommendations for handling an increasing number of data breach incidents. On 30 June 2023, the Office of the Privacy...more
When evaluating cybersecurity and data protection risk for our clients, the two most fundamental questions that need to be answered are: How vulnerable is our organization to active cyber threats that are likely to...more
The US Securities and Exchange Commission (SEC) issued a notice of proposed rulemaking (the Proposal) on March 15 that would require SEC-regulated investment advisers, investment companies, and broker dealers to provide...more
Cybersecurity Alert: Silicon Valley Bank and Signature Bank Fallout - Undoubtedly, cyber criminals are out in full force with phishing links and other scams trying to capitalize on the disruption and panic that many...more
In this excerpt from our white paper on managing ediscovery in the cloud, we explain the basics of the cloud and its biggest benefits in ediscovery. Click here to download the full white paper. As early pioneers of cloud...more
Join Mitratech & Escrypt in this electrifying new webinar on strengthening cybersecurity maturity. As local and global automotive cybersecurity regulations, standards, and guidelines increase in complexity, organizations are...more
Vendor-caused incidents continued to surge in 2021. Nearly 20 percent of the total incidents we handled last year were caused by vendors, with more than half requiring notification....more
Ken Mendelson welcomes back Andy Cottrell, the founder and CEO of cybersecurity consulting firm Truvantis to talk more about cybersecurity frameworks. They discuss the difference between a cyber audit and cyber assessment and...more
On March 1st, the United States Senate passed a historic cybersecurity bill with bipartisan and unanimous support. This bill impacts operators of federal infrastructure and federal civilian agencies. The Strengthening...more
Data Privacy Day is celebrated on January 28 each year to raise awareness about the importance of respecting privacy, safeguarding data and enabling trust. In honor of Data Privacy Day, now is an ideal time to review your...more
On October 27, 2021, the Federal Trade Commission (FTC) announced a newly updated rule under the Gramm-Leach-Bliley Act (GLBA) intended to require financial institutions to strengthen their data security safeguards to protect...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
A cyber breach can have serious legal, financial, and reputational consequences for a company, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT...more
A cyber breach can have serious legal, financial, and reputational consequences for a fund sponsor, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT...more
We are living in the age of data and big data, where everyone wants to collect as much information as possible. The ability to analyze and monetize such information is a key strategy and selling point for many businesses. ...more
Background - On January 27, 2020, the U.S. Securities and Exchange Commission's Office of Compliance Inspections and Examinations ("OCIE") published its Cybersecurity and Resiliency Observations. Cybersecurity and data...more
The FTC recently summarized three major changes it made to its orders in data security cases. In a blog signaling these changes, the FTC Indicated that some of the things it has been requiring of companies in 2019 are here to...more
Government contractors are no strangers to the numerous quality standards and assurances required by the government. Over the past several years, cybersecurity in federal contracting has emerged as yet another standard to...more
The California Consumer Privacy Act (CCPA) has forced companies across the United States (and even globally) to seriously consider how they handle the personal information they collect from consumers. By its terms, however,...more