No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
No Password Required: A Security Engineer and Budding Surfer Who Took PentesterLab From Side Hustle to Global Success
No Password Required: A Developer Advocate with Auth0 and an "Accordion Guy" with Rockstar Aspirations
No Password Required: Former Commander, United States Central Command, Executive Director of Cyber Florida and an Appreciator of Battlefield Beef Enchiladas
No Password Required: A Cybersecurity Education Specialist, Whose Passions Include the Forest, DIY, and Deviled Eggs
Hybrid Workforces and Compliance with Sheila Limmroth
[Podcast] Prioritizing Cybersecurity in a Hybrid Workplace
Cybersecurity & Data Privacy Webinar Series: Password Protected: Essential Cybersecurity & Data Privacy Planning for Your Small Business
Digital Planning Podcast - Interview With Leeza Garber
Happy Password Day
Zoom Security Best Practices
Data Privacy Legislation, Part 2 (and bonus tips on teleworking from two law mamas who feel your pain!)
Compliance Perspectives: Cybervigilance and Cyber-resiliency
Life With GDPR: Episode 26- The Importance of Passwords
Employment Law This Week: Password Sharing, Organizing Mixed Units, Mental Health Accommodations, Privacy Shield
Employer Social Media Policies – Interview with Mitch Danzig, Member, Member, Mintz Levin
As More States Implement Social Media Password Laws, There’s Still Some Blind Spots
How to Protect Your Company From Hackers
The Basics of Michigan’s Social Media Password Law & Why It Isn’t Such a Great Idea
In 2021, the U.S. Department of Labor (DOL) issued 3 documents outlining guidance on cybersecurity practices for benefits plans, which we discussed in a blog post at the time. The DOL recently issued revised versions of the...more
October was a busy month in New York for cybersecurity enforcement. In addition to a $4.5 million settlement between the New York Department of Financial Services and EyeMed Vision Care (discussed in a forthcoming blog post),...more
The recent High Court decision of Cheung Ka Ho Cyril v Securities and Futures Commission and another [2020] HKCFI 270 confirmed the powers of the Securities and Futures Commission (SFC) to (i) seize digital devices such as...more
On November 21, 2018, the data protection authority of the German state of Baden-Württemberg (“LfDI”) imposed a fine of EUR 20,000 on a German social media company for failing to encrypt user passwords, the first fine issued...more
The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures....more
The UK government recently released a policy paper outlining proposed requirements for makers of Internet of Things (IoT) devices to take certain actions to better protect IoT devices from growing cybersecurity threats....more
Businesses should take steps to protect usernames, email addresses, passwords, and security questions and answers. A key issue in determining whether notification is required following a data breach is whether...more
On September 1, 2016 new rules previously published by the U.S. Department of Commerce, Bureau of Industry and Security (BIS)1 and the U.S. Department of State, Directorate of Defense Trade Controls (DDTC)2 will become...more
Is password sharing a crime? It can be under the right circumstances, according to last week’s decision in United States v. Nosal. In Nosal, the U.S. Court of Appeals for the Ninth Circuit upheld the conviction of a former...more
This past week, the Ninth Circuit released two important decisions that clarify the scope of liability under the federal Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030. The Act was originally designed to target...more
Maine has become the latest state to restrict employers’ ability to access social media accounts of employees and applicants. A new Maine statute, which will go into effect on October 15, 2015, prohibits a broad range of...more
The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more
Since early 2012, 21 states have enacted some form of "password protection" law. Although these laws vary substantially by state, their common thread is the intention to restrict employers' ability to access content in...more
March 30, 2015 Authors: Philip Gordon and Joon Hwang As many state legislatures open their 2015 sessions, Virginia has become the first this year — and most likely not the last — to continue the legislative trend towards...more
All Tennessee employers and their agents must now comply with the “Employee Online Privacy Act of 2014,” a new law that prohibits employers from asking their employees for their usernames and passwords to social media sites,...more
Effective August 1, 2014, Louisiana joined at least sixteen other states that have enacted laws prohibiting or restricting employers from accessing employees' personal online accounts – including social media (Twitter,...more