It’s official! The Unauthorized Access podcast has returned, now with a slightly different spin. Our monthly podcast will spotlight the human aspect of cybersecurity, bringing you closer to the remarkable personalities...more
On October 10, Governor Newsom signed the Delete Act ( SB 362) into law, which amends California's current data broker law to impose extensive additional disclosure and registration requirements on data brokers, and to...more
10/20/2023
/ California ,
California Privacy Protection Agency (CPPA) ,
Consumer Reporting Agencies ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
Data Deletion ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
New Legislation ,
Notice of Proposed Rulemaking (NOPR) ,
Personal Data ,
Personal Information ,
Personally Identifiable Information ,
Popular ,
Public Comment ,
Regulatory Reform
Popular file transfer tool MOVEit’s recent data security vulnerability prompted many businesses to communicate, internally and externally, about the impact of the incident on its business.
Originally published in Law360 -...more
10/16/2023
/ Consumer Privacy Rights ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Communications ,
Incident Response Plans ,
Personal Data ,
Personally Identifiable Information ,
Popular
Government regulators are seemingly as numerous as the stars nowadays, especially in the universe of data incidents. When organizations experience a data incident, they will need to quickly assess what happened, why it...more
10/16/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
FTC Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Personally Identifiable Information ,
PHI ,
Regulatory Agencies ,
State Attorneys General
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach.
Originally published in Reuters -August 24, 2023...more
8/25/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
NIST ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Regulatory Oversight
On July 26, the Securities and Exchange Commission (SEC) adopted, by a 3-2 margin, a final rule to require more immediate disclosure of material cybersecurity incidents by public companies. In addition, the final rule...more
In recent months, there has been an explosion of artificial intelligence tools that have given even technophobes an opportunity to test AI’s power from the comfort of their favorite web browser.
Originally published in...more
Recently, the Iowa Legislature sent a bill to Iowa Governor Kim Reynolds for her signature that would make Iowa the sixth state to enact a comprehensive privacy law. The Iowa Senate unanimously passed Senate File 262 (SF 262)...more
Before we jump into February developments — trigger warning if you are a Russian hacker — for those keeping track of breach notification requirements, the National Credit Union Administration (NCUA) Board approved a final...more
3/8/2023
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
FCC ,
Hackers ,
Malware ,
National Security Agency (NSA) ,
NCUA ,
Ransomware ,
Spyware ,
Telecommunications
When a business experiences a data security incident, there is invariably one principal question that the affected business wants answered: Who do we tell?
Originally published in Law360 on December 2, 2022....more
On Oct. 17 and again on Nov. 3, the California Privacy Protection Agency, or CPPA, modified the text of the proposed regulations implementing the California Privacy Rights Act, or CPRA.
Originally published in Law360 on...more
In this episode of Unauthorized Access, Kamran and Sadia welcome Lynn Peachey, director of business development at Arete. The three talk about Lynn’s life, being a woman in cyber, and perfecting the work-life balance. Welcome...more
A thesis statement for this month's Cyber Capsule might be "You're Doing It Wrong." Whether it's easily guessable passwords, manipulated URLs, or waiting longer than prudent to report a data breach, most of our items look at...more
Please find our eighth edition of the Cyber Capsule. In this edition, we discuss a brazen botnet, steps to shield the online availability of federal judges' personal information, the price of cybersecurity, and a warning...more
In this episode of Unauthorized Access, Kamran and Sadia are joined by Redpoint Cybersecurity VP of Client Engagement Violet Sullivan. The three cyber experts discuss board level buy-in and how to make sure the board is...more
It is 2022, which means you’ve received your fair share of consumer breach notification letters.
Originally published in Law360 on September 30, 2022....more
Please join Consumer Financial Services Partner Chris Willis and his colleagues Privacy + Cyber Associate Sadia Mirza and Privacy + Cyber Partner Kamran Salour as they discuss phishing. Kamran and Sadia break down what...more
According to the Verizon Wireless 2022 Data Breach Investigations Report, there are four prominent paths that threat actors use to gain unauthorized access into an organization’s network...
Originally published in Law360 on...more
In this episode of Unauthorized Access, Kamran and Sadia welcome their firm colleague, Privacy + Cyber Partner and Team Leader Ron Raether, in a discussion on consumer breach notices — specifically from Ron's perspective as a...more
Welcome to the sixth edition of the Cyber Capsule. This edition focuses on protecting judges’ personal information; an uptick in phishing; a regulatory decision and a judicial opinion, each of which may impact how companies...more
For nearly 20 years, October has served as Cybersecurity Awareness Month. To highlight the importance of being cyber ready, we will release weekly tricks and treats as part of this four-part series to make your business more...more
Welcome to our latest edition of the Cyber Capsule. September followed trends we have seen the last few months, with legislation directed at funding to support state and local governments in their quest to stop cyberattacks;...more
The holiday season is around the corner. For most of us, it is a time of joy, cheer, excitement, and hopefully some relaxation. For cyber criminals, however, this is the busy season (same goes for Santa and his elves).
...more
Can cyber investigations be canned? Find out what Sadia, Kamran, and this month’s guest, Shawn Tuma of Spencer Fane, have to say. The gloves come off as these three breach coaches duke it out for the final word on this topic....more
Your business was hit with a ransomware attack over the weekend, and the critical systems are locked up (i.e., encrypted). To unlock those valuable systems and continue operating the business, the threat actor demands...more