Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Data privacy regulations aren’t known for being light reading. That doesn’t make it easy for businesses to become compliant. When one law refers to data subjects, another to residents, another to consumers, and another...more
The world of data and tech are advancing at lightning speed. Associated with this, governments and regulators are imposing more robust frameworks and legislative requirements to help safeguard organisations and the data they...more
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
The Federal Trade Commission (FTC) released new frequently asked questions (FAQs) aimed at helping auto dealerships comply with its financial data protection regulations, emphasizing that the duty to protect consumers'...more
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
On 10 June 2025, the new statutory tort for serious invasions of privacy came into force as part of a suite of privacy reforms passed last year, substantially enhancing privacy protections and signalling a material shift in...more
Information leaks can range from exposures of internal decisions and salary data to the disclosure of intellectual property, strategy documents, or board minutes. Whether accidental or intentional, these leaks demand...more
This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more
On May 21, 2025, the Federal Trade Commission (FTC) finalized its order with GoDaddy over allegations that GoDaddy “failed to implement standard data security tools and practices to protect customers’ websites and data.” In a...more
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more
A federal district court recently found that employees aren’t protected by Kentucky’s consumer protection law because they don’t qualify as consumers, handing a solid win to employers. The April 21 decision in Viviali v. One...more
Another school year is winding down, and educational leaders perhaps have never been more ready for summer break. From the Trump administration’s significant policy shifts to deeply consequential litigation playing out to...more
On April 14, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined DPP Law (“DPP”) £60,000 (approximately $80,000) following a ransomware incident. In its penalty notice, the ICO found...more
Last week’s NFL draft highlighted more than the accomplishments of athletes at the combine or on the field. While there was extensive coverage of the merits of each player, one of the major headlines coming out of the draft...more
Encryption is one of several cornerstones of a robust information security program. Articles on quantum computing often include the compelling narrative that encryption is at risk, but as with any revolutionary technology,...more
Managing risk in the employment law circus isn’t always easy when the rules change like they are contortionists. The 41st Annual Employment Law Update will highlight recent changes to the law and how employers can most...more
International travel may pose serious data security risks – especially for your foreign national workers carrying sensitive, proprietary, or regulated information. Travelers must be aware of potential border inspections,...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. ...more
On March 26, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined Advanced Computer Software Group Ltd (“Advanced”) £3.07 million (approximately $4 million). In 2022, Advanced suffered...more
We are pleased to present our final 2024 update to the New England and First Circuit Class Action Tracker, which focuses on class action filings in state and federal courts within the boundaries of the First Circuit in New...more
Recent reports concerning a potential security incident involving Oracle Cloud services provide a warning for many companies who allow third parties to access or store sensitive company data. A threat actor claims to have...more
With the number of data breaches increasing each year, it’s becoming more important to know what personal data you have and where you have it. On personal or even work devices, you may be surprised at how much of your data is...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more
On March 12, 2025, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center to advise...more