No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
Law firms handle confidential information and documents that require diligent protection. The stakes are high, the regulations and their sources are vast, and technology is sophisticated and ever-changing....more
On December 4, 2024, four of the five members of the Five Eyes intelligence-sharing group (the United States, Australia, Canada, and New Zealand) law enforcement and cyber security agencies (Agencies) published a joint guide...more
On 29 November 2024, the Australian Senate passed the Privacy and Other Legislation Amendment Bill 2024 (Cth) (the Privacy Act Bill). This follows the passage of the Cyber Security Act 2024 (Cth), and other cyber-security...more
Oversight of data-related risks: From data governance to GenAI and cybersecurity While data governance has been a priority for companies for some time, the explosive growth in the use of generative artificial intelligence...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
The conclusion of Cybersecurity Awareness Month is a reminder of the importance for organizations to implement robust security measures and promote good cyber hygiene. As we noted in our State of the Cyber Landscape webinar,...more
Organizations can prevent cyberattacks and minimize liability risks by reviewing and implementing these 10 important steps: Adopt a Zero Trust Network Access Framework, which requires all users to be authenticated,...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
This month is the 21st annual Cybersecurity Awareness Month, cosponsored by the Cybersecurity and Infrastructure Agency (CISA) and the National Cybersecurity Alliance. This year’s theme is “Secure Our World,” continuing what...more
It has been a busy month for cyber and privacy regulation in Australia. On the heels of the proposed amendments to the Privacy Act 1988 released just under a month ago, three further draft Bills relating to cyber security...more
The ubiquity of artificial intelligence (AI) has heightened companies’ exposure to cyberattacks of increasingly greater sophistication. Our Privacy, Cyber & Data Strategy Team explores how businesses can enhance their...more
Introduction It wouldn't be much of an exaggeration to say that NIS2 is the acronym on everyone's lips. When coupled with its European sister legislation DORA, we encounter a regulatory twosome that make GDPR feel like...more
October is here, and as we prepare for pumpkin spice lattes, fall sweaters, and scary decorations, there's one thing your business can't afford to ignore this month: cybersecurity. Welcome to Hack-tober, or as it's officially...more
Close on the heels of its Consent Decrees with TracFone and AT&T, on September 27, 2024, the Enforcement Bureau of the Federal Communications Commission (FCC) announced that it reached a Consent Decree with T-Mobile US, Inc....more
In this post in our series on basic cybersecurity concepts for lawyers (see here and here for prior posts), we delve into the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0, which is a...more
INTRODUCTION - The acceleration of cyber-attacks on companies in Hong Kong in the last year or so (– with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of Hong Kong in 2023,...more
Earlier this year, the National Institute of Standards and Technology (NIST) issued an update to its Cybersecurity Framework (CSF) with the release of version 2.0, the first update since April 2018 (version 1.1). While the...more
In its first major overhaul since 2014, the National Institute of Standards and Technology (NIST) updated its Cybersecurity Framework (CSF) on February 26, 2024. The updated 27-page CSF version 2.0 builds on version 1.1 and...more
A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can...more
The National Institute of Standards and Technology (NIST) is updating version 1.1 of the Cyber Security Framework (CSF). Version 2.0 will be released in final form sometime in 2024, but the August 08 working draft of the CSF...more
This month is the 20th annual Cybersecurity Awareness Month, co-sponsored by the Cybersecurity and Infrastructure Agency and the National Cybersecurity Alliance. This year’s theme is “Secure Our World.” The takeaways from...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
Sharing personal data across borders is critical for organizations operating and doing business internationally. Doing so in compliance with data security and privacy laws, however, can be a complex and challenging exercise...more
The EU-US Data Privacy Framework (the “Framework”) sets forth a set of principles and requirements that US organizations can comply with and, following certification, be permitted to join the Framework. On October 12, the UK...more
On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This marks the first significant...more