No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
In terms of healthcare data breaches, 2024 was the worst year ever, with the records of at least 53% of the U.S. population involved and two of the biggest healthcare data breaches of 2024 ranking in the top 10 of all time. ...more
In February, a coalition of healthcare organizations sent a letter to President Donald J. Trump and the U.S. Department of Health and Human Services (HHS) (the Letter), urging the immediate rescission of a proposed update to...more
One of the Biden Administration’s last healthcare regs was a proposed rule that, if finalized, would make significant changes to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule to...more
Recently, the Department of Health and Human Services’ Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to update the Health Insurance Portability and Accountability Act (HIPAA) Security Rule—the...more
With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more
On December 27, 2024, the Department of Health and Human Services (HHS) issued a notice of proposed rulemaking (NPRM) related to the Security Rule under the Health Insurance Portability and Accountability Act (HIPAA). ...more
The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more
On April 4, the Cybersecurity and Infrastructure Security Agency published a notice of proposed rulemaking setting out mandatory reporting requirements for covered entities that experience cybersecurity incidents or make...more
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
Last October, the Federal Acquisition Regulation (FAR) Council proposed two new rules, one of which that will influence cyber incident response practices. The scope is limited as it only applies to federal government...more
On October 27, 2023, the Federal Trade Commission (the “FTC”) adopted a final rule (“Final Rule”) to amend the Standards for Safeguarding Customer Information (the “Safeguards Rule”). Among other things, the Final Rule will...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
Two years after the Department of Justice (DOJ) established its Civil-Cyber Fraud Initiative, there has been a recent uptick in enforcement and regulatory activity related to cybersecurity. September opened with the unsealing...more
The U.S. Securities and Exchange Commission’s (SEC) 2023 Spring Unified Agenda of Regulatory and Deregulatory Actions was released last month and includes an anticipated action date for finalizing rules for cybersecurity...more
The Securities and Exchange Commission (SEC or Commission) voted on March 15, 2023, to propose three new sets of rules for data security, cybersecurity, and IT operational resilience. The newly proposed rules would, among...more
Government agencies at the state and federal levels are increasingly training their sights on the cybersecurity resiliency of companies in an array of industries. The US Securities and Exchange Commission has proposed rules...more
On March 9, 2022, the Securities and Exchange Commission (“SEC”) announced Proposed Rules on cybersecurity risk management, strategy, governance, and incident disclosure (“Proposed Rules”) to address concerns of increasing...more
Increasingly, the Federal government implements a rule for government contractors which then makes its way in some form into all of US industry. Cybersecurity regulations, mandating that government contractors, grant and...more
The Securities and Exchange Commission is busy. The new Chairman Gary Gensler hit the ground running and is pushing an active agenda of policy issues and enforcement. Along with this push, the SEC’s new enforcement director,...more
Corporate risk and compliance officers already labor under an influx of concerns related to cybersecurity, so you might have missed this latest news: the U.S. Securities and Exchange Commission has proposed new rules for more...more
In the wake of Russia’s invasion of Ukraine, and amid growing concerns regarding the threat of increased cyberattacks targeting infrastructure and other critical industries, there has been a flurry of federal activity to...more
The SEC’s recent enforcement actions, public statements and proposed rulemaking indicate that cybersecurity will be an area of heightened focus for the Gensler Commission. New proposed rules would require public companies...more
On March 9, 2022, the Securities and Exchange Commission (SEC) proposed amendments to its rules that would require certain cybersecurity-related disclosures by public companies. The proposed rules are intended to enhance and...more
THE SEC’S RULE PROPOSALS AIM TO ASSIST INVESTORS - On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules “to enhance and standardize disclosures regarding cybersecurity risk management,...more