News & Analysis as of

Information Security Information Technology

Society of Corporate Compliance and Ethics...

Information Security and ISO 27001

ISO 27001 is the leading standard for information security management systems. As Mel Blackmore, CEO of UK-based Blackmores explains, it is a framework that applies and is of value regardless of an organization’s size, sector...more

Mayer Brown

Key forthcoming EU legislation on Cybersecurity, Artificial Intelligence, Data and Digital Markets

NETWORK AND INFORMATION SECURITY 2 DIRECTIVE (NIS2) - WHO WILL BE IN SCOPE? Operators of essential and important services across various sectors including energy, transport, banking, health, medical devices, chemicals...more

Society of Corporate Compliance and Ethics...

[Webinar] Creating an AI Governance Program (It's Go-Time) - April 24th, 12:00 pm CT

Pressure for companies to use AI to gain a competitive advantage (or at least not fall behind versus competitors) is steadily rising, and in 2024, CEOs will push their Legal, Compliance, Privacy, and IT Teams to deploy AI...more

Skadden, Arps, Slate, Meagher & Flom LLP

What Does the SEC’s Complaint Against SolarWinds Mean for CISOs and Boards?

On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more

Jenner & Block

Client Alert: The SEC Charges SolarWinds and Its CISO with Fraud: Key Takeaways

This week, the SEC filed a high-profile litigation asserting fraud and internal controls charges against software company SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, in connection with...more

Bennett Jones LLP

New Practice Directions Consider Artificial Intelligence in Court Submissions

The use of artificial intelligence (AI) in the preparation of materials filed with the courts has been the subject of recent practice directions, with certain Canadian courts requiring that any reliance on AI by a litigant...more

The Volkov Law Group

Technical Elements of a Cybersecurity Compliance Program (IV of IV)

The term cybersecurity is thrown about because it covers so many risks. There is no common definition of cybersecurity and the technical elements included in the term. From a technical standpoint, cybersecurity covers...more

Polsinelli

Mitigating Your Greatest Data Privacy Risk

Third-party vendors pose a significant risk - The greatest data privacy threat to companies is commonly thought to be that company’s employees. While employees can be a threat, the majority of data breaches and ...more

StoneTurn

Trust and National Security: Lessons for Business Insider Threat Programs

The recent arrest and criminal charges against Airman First Class Jack Teixeira for the alleged posting of classified and sensitive information on social media is yet another example of the significant risk that trusted...more

Robinson+Cole Data Privacy + Security Insider

Clop Claims Zero-Day Attacks Against 130 Organizations

Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing...more

Orrick, Herrington & Sutcliffe LLP

Accessibility of IT tools – for the service providers referred to in Art. 3, paragraph 1-bis, of Law no. 4/2004

Following the entry into force of Legislative Decree no. 106 of 10 August 2018, which implemented Directive (EU) 2016/2102 “on the accessibility of the websites and mobile applications of public sector bodies”, there has been...more

Ankura

[Webinar] CMMC – Practical Solutions to Managing and Securing CUI Data, Perspectives of a Foreign Defense Contractor - November...

Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more

Sheppard Mullin Richter & Hampton LLP

Third Time’s The Charm – FedRAMP Releases Draft Authorization Boundary Guidance Version 3 for Public Comment

The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 3.0, released on September 14, 2022. The public comment period currently is open and closes on October...more

Lighthouse

New Opportunities, New Risks: A Disrupted Workforce Reshapes the Data Landscape

In case the complexities of corporate data weren’t creating enough turbulence to keep corporate and legal teams up at night, along comes a prolonged pandemic to really shake things up. Because now, a complex data landscape...more

Proskauer on Privacy

“Log4Shell” Vulnerability Has Potential to Compromise Millions of Devices

Cybersecurity experts around the world are scrambling to sound the alarm about a newly discovered security vulnerability that could be used by attackers to easily infiltrate computer systems. The vulnerability is found in...more

Health Care Compliance Association (HCCA)

Compliance Refresher: Get Cozy With IT Folks, Review Insurance, Fine-Tune Policies, Training

Report on Patient Privacy 21, no. 11 (November, 2021) - Attorney Brad Hammer doesn’t always don a suit and tie, or what he calls his “lawyer’s uniform.” A privacy and security expert and founder of the Vakaris Group based...more

NAVEX

IT and Corporate Compliance: Bridging the Gap in the Era of Remote and Hybrid Work

In many ways, the COVID-19 pandemic has served as a prime example of punctuated equilibrium. Shifts that have been slowly building for decades seemingly occurred overnight, giving us the contradictory sense that these changes...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #297 – Vulnerability in Smart Home Devices Including Baby Monitors

Mandiant, a division of FireEye, has reported that it has discovered a vulnerability in a software protocol that enables hackers to gain access to audio and visual data on smart devices including baby monitors and web...more

Sheppard Mullin Richter & Hampton LLP

Watch Your Boundaries – FedRAMP Releases Draft Authorization Boundary Guidance for Public Comment

The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 2.0, released on July 13, 2021. The public comment period currently is open and closes on September 13,...more

Robinson+Cole Data Privacy + Security Insider

National Cybersecurity Center Launches Free Training for State Elected Officials

Speaking of security education and training, the National Cybersecurity Center this week launched a new initiative to offer cyber-hygiene and IT security sessions to elected state government officials and their staff for...more

NAVEX

[Webinar] Top Risk Management Lessons from the SolarWinds Hack - January 27th, 10:00 am - 11:00 am PT

Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more

Perkins Coie

China’s New Personal Information Protection Specifications

After undergoing several rounds of revisions to the 2019 draft specifications, the new Information Security Technology-Personal Information Security Specifications (GB/T35273-2020) (New Personal Information Specifications)...more

Burr & Forman

FINRA Warns of Fake FINNRA

The Financial Industry Regulatory Authority (“FINRA”) has issued a special alert to its member firms, alerting them to an imposter website: www.finnra.org (containing an extra “n”)....more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Perkins Coie

China Issues New Personal Information Security Regulations

China’s State Administration for Market Regulation and the State Standardization Administration issued the recommended national standards named the Information Security Technology - Personal Information Security...more
