The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
SEC’s New Cyber Rules for Publicly Traded Companies — The Consumer Finance Podcast
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Episode 293 -- Catching Up with California and Other State Privacy Laws
How to Fix the Cyber Incident Reporting Mess--DHS Weighs In
Regulatory Phishing Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
The Justice Insiders Podcast: Incidents in the Material World: SEC Adopts New Cybersecurity Rules
Episode 288 -- SEC Adopts Robust New Cybersecurity Disclosure Rules
2023 DSIR Report Deeper Dive into the Data
Cybersecurity Threats Facing Food and Agribusiness Companies & the Preparation and Protection Safeguards to Help Mitigate Them
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
2022 DSIR Report Deeper Dive: FTC
2022 DSIR Deeper Dive: Vendor Incidents
Unauthorized Access: An Inside Look at Incident Response
The State of Cyber: Breaking Down Recent Rules and Regulations
Mandatory Cyber Incident Reporting: Pros, Cons, and Next Steps
Cyberside Chats: Preserving Legal Privilege After a Cybersecurity Incident
Debra Geroux and Scott Wrobel on Responding to Data Breaches
Financial institutions are now required to notify the Federal Trade Commission about any security breach that involves the information of 500 customers or more. The breach must be reported no later than 30 days after it is...more
Joseph Sullivan, Uber’s beleaguered former Chief Information Security Officer, was back in the news last month when he appealed his 2023 conviction for his role in concealing a 2016 breach of Uber’s network and customer data....more
We’re back with a deeper dive into the 2024 Data Security Incident Response Report, which features insights and metrics from 1,150+ incidents in 2023. This episode dives deeper into the recent FTC privacy developments...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial...more
The proliferation of cybersecurity regulations has the White House and Congress calling for harmonization to streamline regulations, focus on reciprocity, and decrease compliance costs. Senator Gary Peters (D-MI), chair of...more
On May 13, the FTC’s amendment to the Safeguards Rule relating to the reporting of data breaches and security incidents, which were announced in October of 2023, became effective. As a reminder, the FTC’s Safeguards Rule...more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
Federal jurisdiction under the Gramm Leach Bliley Act (“GLBA”) is a patchwork, particularly for banks –the Federal Reserve, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency all...more
At this point, it is self-evident that companies are grappling with an ever-evolving (think: tougher) cyber risk terrain. However, two recent cases against companies and their Chief Information Security Officers (CISOs),...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
In the December Public Company Watch, we cover key issues impacting public companies, including a preview of the SEC’s latest regulatory agenda, an update regarding the Fifth Circuit vacating the SEC’s share repurchase rules,...more
On November 16, the Federal Trade Commission (FTC) announced an enforcement action against Global Tel*Link Corporation and two of its subsidiaries (collectively, “GTL”), which provide communications and payment services to...more
A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can...more
On October 30, 2023, the Securities and Exchange Commission (SEC) announced a civil suit against SolarWinds and their chief information security officer (CISO) for fraudulent cybersecurity information. The SEC claims that...more
On October 27, 2023, the Federal Trade Commission (“FTC”) adopted an amendment to the FTC’s Safeguards Rule that will require non-banking financial institutions to notify the FTC within thirty days of discovering a data...more
On October 27, 2023, the Federal Trade Commission (FTC) announced it is amending the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) to include a requirement for non-bank financial institutions to report certain data...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
A flurry of legislative activity over the past year has brought meaningful changes to a variety of privacy and security provisions in state and federal law. At the state level, as in 2022, we have seen a handful of changes to...more
Any time a regulation is put forth, there is always a level of uncertainty, especially regarding understanding the roles and responsibilities of key business leaders. The SEC’s new cybersecurity final rule means heightened...more
In the August edition of our Public Company Watch, we cover key issues impacting public companies, including the SEC’s enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and...more
The government’s announcement of renewed emphasis on cybersecurity enforcement has spawned recent million-dollar enforcement actions. Continued government attention on cybersecurity promises a treacherous enforcement...more
The financial services sector must already contend with a maze of regulations in a variety of areas, and 2023 is poised to usher in new cybersecurity regulations for the industry. Organizations should ensure their security...more
On October 5, 2022, after a monthlong jury trial, former Uber Chief Information Security Officer Joseph Sullivan was found guilty of obstructing proceedings of the Federal Trade Commission (FTC) and misprision of a felony...more