No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
Law firms handle confidential information and documents that require diligent protection. The stakes are high, the regulations and their sources are vast, and technology is sophisticated and ever-changing....more
On 29 November 2024, the Australian Senate passed the Privacy and Other Legislation Amendment Bill 2024 (Cth) (the Privacy Act Bill). This follows the passage of the Cyber Security Act 2024 (Cth), and other cyber-security...more
Oversight of data-related risks: From data governance to GenAI and cybersecurity While data governance has been a priority for companies for some time, the explosive growth in the use of generative artificial intelligence...more
The conclusion of Cybersecurity Awareness Month is a reminder of the importance for organizations to implement robust security measures and promote good cyber hygiene. As we noted in our State of the Cyber Landscape webinar,...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
This month is the 20th annual Cybersecurity Awareness Month, co-sponsored by the Cybersecurity and Infrastructure Agency and the National Cybersecurity Alliance. This year’s theme is “Secure Our World.” The takeaways from...more
Sharing personal data across borders is critical for organizations operating and doing business internationally. Doing so in compliance with data security and privacy laws, however, can be a complex and challenging exercise...more
The EU-US Data Privacy Framework (the “Framework”) sets forth a set of principles and requirements that US organizations can comply with and, following certification, be permitted to join the Framework. On October 12, the UK...more
If your business transfers data from the European Union to the United States, you’ve likely been keeping an eye on the EU-U.S. Data Privacy Framework (EU-U.S. DPF) for the past several years. The long-awaited adequacy...more
CYBERSECURITY - Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP - Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more
There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more
As of July 17, 2023, U.S.-based multinational employers that can access the personal data of their workforce members in the European Union (EU) via a human resources information system (HRIS), or otherwise transfer the...more
The US government continues to refine its influential cybersecurity guidance, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), with a substantial update to the CSF expected later this...more
The legal profession is under constant threat of cyberattacks and breaches. Cybersecurity challenges exist in many contexts but the legal profession is particularly vulnerable due to its federated environment and disparate...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft NIST SP 800-160, Volume 2, Revision 1, “Developing Cyber-Resilient Systems: A Systems Security Engineering Approach,” and draft NIST...more
Through legislation, Connecticut has incentivized businesses to conform to one or more industry recognized cybersecurity frameworks. As we recently discussed, cybersecurity incidents and risks are taking centerstage. Under...more
Cyberattacks on organizations with large consumer databases have been on the rise recently. This is certainly true for the insurance industry, which also has been migrating more business to online platforms in an effort to...more
United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more
The year is 2013: The Obama administration just signed Executive Order 13636, calling for the sharing of cybersecurity risk information and a framework for reducing such risk. It was then that the National Institute of...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the EU advocate general's decision in Schrems II, a federal court's ruling that an insurer owed coverage for a social engineering loss, the Chinese...more
On January 16, 2020, the National Institute of Standards and Technology (NIST) issued its NIST Privacy Framework Version 1.0 (Privacy Framework). The Privacy Framework follows the same type of structure as the NIST Framework...more
The National Institute of Standards and Technology (NIST) released its first privacy framework tool (the “Privacy Framework”) on January 16, 2020. In the Executive Summary...more
While federal legislators still appear unable to reach consensus on the content of national privacy legislation, the National Institute of Standards and Technology (NIST) is moving forward with its plan to issue a “Privacy...more
The National Institute of Standards and Technology (NIST) released a preview of its plans for a standard Privacy Framework this past week. The purpose of the Framework is to help organizations better manage privacy risks....more
WHAT YOU NEED TO KNOW: Ohio is taking a unique approach to addressing data breaches by offering businesses meeting certain requirements with a safe harbor against lawsuits following a data breach. Specifically, the act...more