When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
It’s no longer hype. Organizations are broadly looking to adopt Gen AI to drive productivity across their workforce. There’s also end-user demand to satisfy. People use Gen AI in their personal lives and want to use it...more
On June 20, 2024, the Department of Commerce's Bureau of Industry and Security (BIS) issued a Final Determination (“Determination”) prohibiting Kaspersky Lab, Inc.—the US subsidiary of the Russia-based antivirus software and...more
For more information about France’s SREN law, see our update that provides five key takeaways for businesses. Two new laws impose an array of obligations and restrictions on cloud providers in France. First, the European...more
In light of the increasing organizational use of and reliance on software and the concerns raised regarding the malicious use of the same, the UK Government has published a response to its call for views on software...more
In today's digital landscape, the exchange of personal information has become ubiquitous, often without consumers fully comprehending the extent of its implications. The recent actions undertaken by the Federal Trade...more
As the implementation of Artificial Intelligence (AI) compliance and fraud detection algorithms within corporations and financial institutions continues to grow, it is crucial to consider how this technology has a twofold...more
Cybersecurity success depends on more than just technology. As we’ve seen in part one and part two of this series on cybersecurity risk, the costs of a cyber attack are high – and bad actors always look for the easiest entry...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
If you have a tendency to reuse the same password across multiple accounts, you could be leaving yourself (and your organization) exposed to risk. Credential stuffing, the stealthy technique fueling a recent explosion of...more
As supply chains have become more digitized and interconnected, they have also become more vulnerable to a range of cyber threats. These threats not only pose risks to the direct operations of companies but also to the...more
A security researcher found an intentionally placed backdoor in a software library called XZ Utils on April 2. This backdoor allows hackers to hijack secure sessions, or create their own, on devices within an organization's...more
Why does it matter to you? In February of 2024, Change Healthcare, a prominent player in the healthcare industry, fell victim to a ransomware attack that sent shockwaves through its systems and networks. The incident...more
The European Union (EU)’s government organizations are just like any another entity trying to function in a world where global companies and even government entities are reliant on digital platforms for messaging and...more
The Internet of Things (“IoT”) has ushered in a new era of connectivity and convenience, but with it comes a host of legal issues and emerging theories of liability. As IoT devices become increasingly ubiquitous in our daily...more
Nextpoint and Tom O’Connor published a new edition of eDiscovery for the Rest of Us, a strategic and tactical resource for legal teams navigating the modern ediscovery landscape. The 2024 version features new content,...more
Hosted by American Conference Institute, the 14th Advanced Forum on Global Encryption, Cloud & Cyber Export Controls returns for another exciting year with curated programming that brings together a global gathering of...more
In this episode of On Record PR, Gina Rubel goes on record with Aihong Yu, Chief Privacy Counsel of CDK Global, to discuss how embracing privacy and security measures…...more
On June 6, 2023, the Florida Digital Bill of Rights (“FDBR”) was signed into law, and goes into effect on July 1, 2024 with some exceptions—the prohibition of government-directed content moderation of social media platforms...more
To kick off the New Year, Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2023 Recap (including links to all of the resources the team has put out over the...more
In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more
Welcome to the ninth installment in our monthly data privacy litigation report, which we are releasing just after the New Year. We prepare these reports to provide updates on how courts in the United States have handled...more
On December 15, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) issued a Secure by Design Alert and guidance on “How Manufacturers Can Protect Customers by Eliminating Default Passwords.”...more
As a follow-up to our previous article and webinar, “Are Automakers Making Sufficient Efforts to Protect Customer Data?”, we are addressing the recent 9th Circuit decision in Jones v. Ford Motor Co. At issue in this matter...more
It’s Cybersecurity Awareness Month, and this year marks the 20th anniversary of the campaign. Introducing “Secure Our World” as the central theme, the Cybersecurity Infrastructure and Security Agency (CISA) is on a...more