Latest Posts › Cybersecurity

Share:

Former Uber Chief Security Officer Convicted of Federal Obstruction and Concealment Crimes in Connection with Extortionate Data...

On October 5, 2022, a federal jury found Joseph Sullivan, Uber’s former chief security officer, guilty of obstruction of justice and misprision of a felony in connection with his role in responding to a 2016 data breach...more

2022 DSIR Deeper Dive: Increased Regulatory Scrutiny of Cybersecurity Incidents

Our 2022 Data Security Incident Response Report discussed the increased regulatory scrutiny of cybersecurity incidents and defenses following a year of high-profile and damaging cyberattacks, including the Russia-based...more

International Data Protection Update - Winter 2021/2022

This Update highlights some of the international data protection issues that caught our attention and the attention of our clients over the winter, including updates on European data transfers and cookie compliance,...more

International Data Protection Update – Summer 2021

This update highlights some of the international data protection issues that caught our attention, and the attention of our clients, over the summer. Asia-Pacific - China’s Data Security Law and Personal Information...more

The Brave New World of Cybersecurity Compliance—Key Takeaways from Recent Government Action on Cybersecurity

After a series of high-profile supply chain and ransomware attacks, the federal government is ramping up its effort to improve the nation’s cybersecurity. In the past several months, multiple federal departments and agencies...more

Responding to Supply-Chain Risk—It's Not Just About Vendor Management

Organizations around the globe began 2021 grappling with two significant supply-chain attacks. First, the SVR, Russia’s foreign intelligence service, planted malicious code in Orion, SolarWinds’ flagship network management...more

International Data Protection Update – First Quarter 2021

This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more

A Risk-Based Approach to the SolarWinds Vulnerability Disclosures

On December 13, 2020, SolarWinds disclosed that an unknown attacker compromised its network and inserted malicious code (referred to as the Sunburst vulnerability) into software updates for the Orion platform. In what will...more

COVID-19 Cybersecurity Exposure

Risk scenarios and recommendations - History tells us that unscrupulous actors will exploit any crisis, and COVID-19 is no exception. ...more

The Washington Privacy Act Is Back

After the Washington Privacy Act (“WPA”) failed to pass in 2019, state legislators promised to renew their efforts in the 2020 legislative session....more

Reexamining the GDPR's Territorial Scope: Key Takeaways from the European Data Protection Board's New Guidance

In November 2019, the European Data Protection Board (EDPB) issued its final guidance on territorial scope of the General Data Protection Regulation (GDPR), following release of the draft guidelines in November 2018 and a...more

New Year Brings Trio of U.S. Breach Notification Amendments

Along with the California Consumer Privacy Act, the new year brought us a trio of updated breach notification laws, in Oregon, Texas and Illinois. ...more

Insurance Data Security Model Law Picks Up Steam

Three states recently enacted variations of the National Association of Insurance Commissioner’s (NAIC) Insurance Data Security Model Law (MDL-668), based on the landmark cybersecurity requirements issued by the New York...more

Washington State Proposes Sweeping Privacy Legislation

On Jan. 17, 2019, a new privacy law was proposed in the Washington state Senate. If passed, the Washington Privacy Act would impose far-reaching responsibilities on companies to protect the privacy of “personal data.” ...more

SEC Investigation Highlights BEC Risk and Need for Comprehensive Risk Assessments by Public Companies

The Securities and Exchange Commission issued a press release and an investigative report on Oct. 16 cautioning public companies to consider cyber threats when implementing internal accounting controls. ...more

Last But Not Least: Alabama Enacts a Data Breach Notification Law with Strong Notification and Security Requirements

Several weeks ago, South Dakota and Alabama became the final two states to enact data breach notification laws. The Alabama Data Breach Notification Act of 2018 takes effect on May 1, 2018, and imposes information security,...more

When Obscurity Is Not a Defense

Many organizations facing a data-security incident struggle to understand how or why their organization was targeted in an attack. Most simply believe they are too small or too obscure to be targeted by malicious cyber...more

Recent Trends, Future Predictions, and Effective Risk Assessments

Risk assessments are a fundamental part of any organization’s risk management process. But many organizations still do not incorporate true risk assessments into their information-security planning, even though doing so makes...more

18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide