When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
The role of the chief information security officer (CISO) in 2024 is evolving. With budgetary limitations, an increasingly complex threat environment, generative artificial intelligence (AI) tools, new regulatory mandates, a...more
Learning Objectives: - Gain an understanding of recent changes to the cyber security landscape - Where to start: elevate your cyber security risk management - Educate on the future of cyber security in healthcare and...more
What if a single compromised credential could silently bring down your entire organization? Our recent threat hunts across Fortune 100 clients suggest that this isn't just a possibility—it's a reality....more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
Learning Objectives: - Understand the methods for de-identification - Learn about the differences between anonymization, de-identification, and pseudonymization - Understand what “potential for re-identification”...more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
Learning Objectives: - Explain the evolution of state data protection laws over the past year - Explore the focus on protecting health consumers - Describe practical approaches on how to build a privacy program when...more
Since I hang out with a lot of CISOs, and understand their pain points, I urge readers to send a “thank you” and “you are the best” message to their CISO. You can’t imagine the pressure and stress they are under to try to...more
Are you responsible for privacy compliance at your company? Sharpen your pencils and grab your highlighters for this three-part series on critical privacy laws, DPOs and privacy officers (and when you should appoint one), and...more
Tamiko Fletcher —CISO at Kennedy Space Center With a Heart of Gratitude Tamiko Fletcher’s career at NASA began in 1999 as a cooperative education student. Her journey to CISO over the following 20 years is nothing short of...more
Join us for an insightful webinar with Miller Nash’s head of privacy and data security team, Eva Novick, and colleague, Delfina Homen, where we will delve into the essentials of privacy and data security in 2024. Whether...more
CYBERSECURITY CISOs: New Report Outlines Risks of LLMs - I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals...more
I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals struggling with assessing the risk of large multimodal models...more
At Cornell University, institutional review board (IRB) members meet with the chief information security officer and a liaison to the general counsel’s office. Their regular attendance has been “really critical,” said IRB...more
New York is the first state to propose cybersecurity requirements for all hospitals operating in the state to address patient safety and other cybersecurity related issues....more
On November 1, 2023, the New York State Department of Financial Services (“NYDFS”) issued its Second Amendment (the “Amendment”) to its Cybersecurity Requirements for Financial Services Companies adopted in 2017, codified in...more
A major amendment to the New York State Department of Financial Services' cybersecurity regulations establishes affirmative cybersecurity oversight duties and requires companies to report extortion payments to the agency....more
The New York State Department of Financial Services (NYDFS) adopted comprehensive amendments to its cybersecurity regulations (known as Part 500) on Nov. 1. The draft amendments were first published in July 2022 and finalized...more
On November 1, New York Governor Kathy Hochul announced that the state’s Department of Financial Services (NY DFS) has amended its Cybersecurity Regulations to “enhance cyber governance, mitigate risks, and protect New York...more
The New York Department of Financial Services (NYDFS) adopted a long-expected amendment to its Part 500 Cybersecurity Regulations (Part 500) this week. These are the first significant changes to Part 500 since its inception...more
If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...more
Clearly defined roles and responsibilities are an essential component of an effective compliance program. Failure to adequately assign responsibility can lead to gaps in compliance coverage and a lack of accountability. ...more