FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
"Monsters Inc." y el tratamiento de los datos
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
AI Discrimination and Emerging Best Practices – Part 2 - The Good Bot Podcast
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
The Cybersecurity & Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center released an advisory on February 19, 2025, providing information on Ghost...more
Cybersecurity success depends on more than just technology. As we’ve seen in part one and part two of this series on cybersecurity risk, the costs of a cyber attack are high – and bad actors always look for the easiest entry...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
If you have a tendency to reuse the same password across multiple accounts, you could be leaving yourself (and your organization) exposed to risk. Credential stuffing, the stealthy technique fueling a recent explosion of...more
Why does it matter to you? In February of 2024, Change Healthcare, a prominent player in the healthcare industry, fell victim to a ransomware attack that sent shockwaves through its systems and networks. The incident...more
The Internet of Things (“IoT”) has ushered in a new era of connectivity and convenience, but with it comes a host of legal issues and emerging theories of liability. As IoT devices become increasingly ubiquitous in our daily...more
In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more
On December 15, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) issued a Secure by Design Alert and guidance on “How Manufacturers Can Protect Customers by Eliminating Default Passwords.”...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
The term cybersecurity is thrown about because it covers so many risks. There is no common definition of cybersecurity and the technical elements included in the term. From a technical standpoint, cybersecurity covers...more
In the recent case Construction Industry Laborers Pension Fund on behalf of SolarWinds Corporation, et. al v. Mike Bingle, et al. (2022), the Delaware Chancery Court considered whether the directors of SolarWinds Corporation,...more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you if its product is compromised and results in a data...more
The Federal Trade Commission (FTC) recently warned private entities to remediate any ongoing Log4j vulnerabilities present within their networks or face possible enforcement action....more
According to numerous government and media sources, malicious cyber actors are targeting a new “zero day” vulnerability on a massive scale. This vulnerability, referred to as “Log4j” or “Log4Shell,” has resulted in widespread...more
On December 9th, 2021, a critical zero-day vulnerability, which has the potential of providing threat actors access to millions of computers worldwide, was discovered. Due to the critical nature of this vulnerability, and the...more
It was a crazy weekend for cyberattacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that have maximum disruption on...more
A widely reported flaw in popular software known as Log4j poses a severe cybersecurity threat to organizations around the globe, with hundreds of millions of devices at risk. Over the past week, government agencies,...more
On December 10, 2021, multiple media outlets, the Cybersecurity and Infrastructure Security Administration (CISA), and the director of cybersecurity at the National Security Agency (NSA) began alerting to a significant...more
CYBERSECURITY - Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability - Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center...more
Published on June 9, 2021, President Biden’s Executive Order on Protecting America’s Sensitive Data from Foreign Adversaries is the latest Executive Order seeking to strengthen national security by improving public and...more
The FBI recently issued a Flash Alert to Fortinet Fortigate users that Advanced Persistent Threat (APT) groups are continuing to exploit devices that have not been patched. Although Fortinet issued patches for these...more
Development and Operations (DevOps) teams are often pressured by executives and sales teams to get software products completed and out the door and into the market as quickly as possible so the products can generate income....more
On December 13, the software and service provider SolarWinds announced that its Orion software platform had been the target of a sophisticated cyber-attack that may have resulted in malicious code being pushed to as many as...more
• DoD and other government agencies will scrutinize contractors’ supply chain security plans and programs from proposal submission to contract closeout. • The 2019 NDAA as approved by Congress and DHS initiatives highlight...more