No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
Our Privacy, Cyber & Data Strategy Team discusses the new Cyber Resilience Act (CRA) that affects manufacturers and distributors of connected devices that are in use anywhere in the European Union....more
On 30 November 2022, OpenAI made its ChatGPT generative artificial intelligence chatbot publicly available. In the two years since, its unprecedented growth has fostered a dramatic shift in public attention to and interest in...more
The National Institute of Standards and Technology (NIST) has been a leading voice in cybersecurity standards since 2013, when President Obama’s Executive Order on Improving Critical Infrastructure Cybersecurity tasked NIST,...more
On December 4, 2024, four of the five members of the Five Eyes intelligence-sharing group (the United States, Australia, Canada, and New Zealand) law enforcement and cyber security agencies (Agencies) published a joint guide...more
Forming part of the EU’s broader digital and cyber security strategy, the new Network and Information Systems Directive 2022/2555 (NIS2) came into effect on 18 October 2024 (this being the deadline by which the directive is...more
On 29 November 2024, the Australian Senate passed the Privacy and Other Legislation Amendment Bill 2024 (Cth) (the Privacy Act Bill). This follows the passage of the Cyber Security Act 2024 (Cth), and other cyber-security...more
The increased use of artificial intelligence (AI) in the banking, insurance, and financial services industries has led the New York State Department of Financial Services (NYDFS or Department) to publish an Industry Letter on...more
Let’s role-play the title “Chief Information Security Officer” (CISO) as various chess pieces, each representing different aspects of the challenges and responsibilities faced in this critical position. Examining these...more
On October 16, 2024, the New York State Department of Financial Services (the "DFS"), under its Cybersecurity Regulation—23 NYCRR Part 500—issued a memorandum providing guidance on the risks posed by artificial intelligence...more
At what point has a director served too long? What about term limits? A mandatory retirement age? When do a director’s skills become stale? These issues are addressed in this issue of The Informed Board, as well as why proxy...more
Cyber threats continue to grow as a result of increased digitization, widespread use of cloud computing, advanced connectivity and artificial intelligence (AI), requiring boards of directors across all sectors to focus more...more
Financial institutions and securities market participants continue to face escalating cyber threats – in frequency, volume, and severity. The many reasons for the escalating risk include: Financial services companies are...more
Oversight of data-related risks: From data governance to GenAI and cybersecurity While data governance has been a priority for companies for some time, the explosive growth in the use of generative artificial intelligence...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
The conclusion of Cybersecurity Awareness Month is a reminder of the importance for organizations to implement robust security measures and promote good cyber hygiene. As we noted in our State of the Cyber Landscape webinar,...more
Our Health Care and Privacy, Cyber & Data Strategy Groups cover an upcoming proposed rule from U.S. Health and Human Services (HHS) that would formalize cybersecurity requirements and allow the Office for Civil Rights (OCR)...more
Organizations can prevent cyberattacks and minimize liability risks by reviewing and implementing these 10 important steps: Adopt a Zero Trust Network Access Framework, which requires all users to be authenticated,...more
On November 1, 2024, the next phase of several significant amendments to the New York Department of Financial Services’ (NYDFS) cybersecurity regulation take effect. These specific amendments, enacted in 2023, impact the...more
BACKGROUND - On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued guidance and strategies (“Guidance”) concerning cybersecurity risks that arise in response to the advancements in artificial intelligence...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
On October 16, 2024, the New York Department of Financial Services (“NYDFS”) released an Industry Letter—entitled Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Letter”)....more
This month is the 21st annual Cybersecurity Awareness Month, cosponsored by the Cybersecurity and Infrastructure Agency (CISA) and the National Cybersecurity Alliance. This year’s theme is “Secure Our World,” continuing what...more
It has been a busy month for cyber and privacy regulation in Australia. On the heels of the proposed amendments to the Privacy Act 1988 released just under a month ago, three further draft Bills relating to cyber security...more
INTRODUCTION - The acceleration of the rate of cyber-attacks against companies in Hong Kong in the last year or so (with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of...more