No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
In 2024, state attorneys general (State AGs) focused on a broad variety of areas and industries including, in particular, emerging industries such as artificial intelligence (AI) and privacy and social media protections....more
Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
On December 24, 2024, New York Governor Kathy Hochul signed into law amendments to New York’s private-sector data breach notification law (General Business Law § 899-aa) and government agency data breach notification law (New...more
As 2024 came to a close, New York Gov. Hochul signed two bills (A8872A and S2376B) amending New York’s data breach law. The modifications change both what constitutes personal information under the law, as well as modifying...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
In a settlement with Marriott International and its subsidiary Starwood hotels and Resorts Worldwide, the FTC will require Marriott to implement a new comprehensive data security program. The settlement stems from a series of...more
In a recent federal case from New York, the court dealt a blow to plaintiffs suing over data breaches. The plaintiffs had filed a putative class action suit, alleging that they (and others like them) had been harmed by the...more
A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more
On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots....more
On July 4, 2024, the B.C. Court of Appeal issued a duo of class action appeal decisions considering the potential scope of statutory and common law privacy claims against data custodians that fall victim to cyberattacks in...more
To the surprise of some, Governor DeSantis recently vetoed a bill that would have provided businesses with a defense to claims arising from “cybersecurity incidents” that lead to data breaches – so long as they met a few...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
The world is witnessing a flurry of activity surrounding issues of data protection, cybersecurity, artificial intelligence (AI), and consumer privacy. According to the National Conference of State Legislators, some 40 US...more
Welcome to Holland & Knight's monthly data privacy and security news update that includes the latest in policy, regulatory updates and other significant developments....more
Illinois is a major destination for putative class actions arising out of data incidents such as ransomware and other attacks. The cases rarely involve actual demonstrable misuse of personal identifying information (PII)....more
Cybersecurity and data privacy risks continue to loom large with potentially significant consequences. Litigation, often filed soon after incidents, adds to the possible repercussions. In our previous article, we discussed a...more
On November 16, the Federal Trade Commission (FTC) announced an enforcement action against Global Tel*Link Corporation and two of its subsidiaries (collectively, “GTL”), which provide communications and payment services to...more
The Corporate Transparency Act (CTA), a law intended to enable the Financial Crimes Enforcement Network (FinCEN) to detect shell companies and protect the U.S. financial system from abuse by money launderers, drug...more
Data breaches come in many different forms, sizes, and levels of complexity, but they tend to share certain key facts: A third-party bad actor—whether through a phishing attack, a ransomware attack, exploitation of a zero-day...more
A flurry of legislative activity over the past year has brought meaningful changes to a variety of privacy and security provisions in state and federal law. At the state level, as in 2022, we have seen a handful of changes to...more
Texas recently amended its breach notification statute to shorten the time businesses have to notify the state Attorney General after a data breach affecting 250 or more Texas residents. As of September 1, businesses must...more
On July 11, a split U.S. Court of Appeals for the Eleventh Circuit partially vacated the greenlighting of two data breach class actions, holding that a district court must re-analyze the boundaries of the classes. Both the...more
On May 31, 2023, renowned managed file transfer solution provider Ipswitch, Inc. revealed a zero-day vulnerability in its flagship solution, MOVEit Transfer, that can enable mass data theft from thousands of organizations....more
In the recent case Construction Industry Laborers Pension Fund on behalf of SolarWinds Corporation, et. al v. Mike Bingle, et al. (2022), the Delaware Chancery Court considered whether the directors of SolarWinds Corporation,...more