When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
Cyber risk is now a normal part of our personal and professional lives. When companies suffer a cyber incident, they often look to their insurance policy for coverage to help mitigate the financial exposure. Additional...more
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
What if a single compromised credential could silently bring down your entire organization? Our recent threat hunts across Fortune 100 clients suggest that this isn't just a possibility—it's a reality....more
Hong Kong is following other jurisdictions, including Mainland China, Singapore and the UK, in proposing to enhance cybersecurity obligations on IT systems of those operating critical infrastructure (“CI“). While the proposed...more
It’s obvious that strong cybersecurity governance should help to reduce a company’s risk of succumbing to a cybersecurity incident or being significantly impacted should one materialize. One major challenge: determining what...more
The recent indictment of Maksim Silnikau, a Belarusian and Ukrainian national, is a clear reminder that cybercriminals are becoming more sophisticated and bold....more
INTRODUCTION - The acceleration of cyber-attacks on companies in Hong Kong in the last year or so (– with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of Hong Kong in 2023,...more
Backup authentication methods create a vulnerability in passkey protection to adversary-in-the-middle attacks. Security protections from passkey authentication can still potentially be subverted by attackers....more
On June 24, the staff of the U.S. Securities and Exchange Commission's (SEC) Division of Corporation Finance (Division of Corporation Finance) released five new Compliance & Disclosure Interpretations (C&DIs) relating to the...more
In a pair of decisions released on July 5, 2024, the B.C. Court of Appeal found that an alleged reckless failure to safeguard personal information may be sufficient to make out Privacy Act claims of "wilful violation" of...more
Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more
Partner Eric Packel takes a deeper dive into BakerHostetler’s 2024 Data Security Incident Response Report. Packel looks back on the last ten years and examines the ways in which the data breach landscape has changed and what...more
Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all...more
If your answer is, “to avoid fines,” that’s definitely a good reason. But it’s not the only reason. Pursuing data privacy is also the right thing to do. It builds trust. It prevents harm. The list goes on. However, for most...more
The Health Sector Cybersecurity Coordination Center (HC3) provides timely updates to the health care sector on cybersecurity threats and mitigation. In the last several weeks, HC3 has issued two alerts worth paying close...more
In May 2024, the New York State Department of Health (“NYSDOH”) issued revisions to proposed regulations on hospital cybersecurity that it first released in November 2023. The proposed revised regulations are subject to...more
ComplexDisocvery’s Editor’s Note: This article underscores the growing significance of cyber diplomacy in the context of global security and international relations. As cyber threats become increasingly sophisticated and...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
It is being reported that Black Basta (aptly named) exploited a Microsoft zero-day prior to Microsoft’s release of a patch for the vulnerability back in March....more
Gone are the days where technological solutions were “nice to have” options to provide us with better access to resources and improved process efficiencies. Nowadays, technological solutions – and specifically those that...more
In today’s digital age landscape, where 27% of law firms experience security breaches, protecting sensitive client information is paramount for legal professionals. With cyber threats becoming more sophisticated, relying...more
In February 2024, the healthcare industry was rattled by a significant cyberattack targeting Change Healthcare (“Change”), a subsidiary of UnitedHealth Group, one of the largest health insurance companies in the world. The...more
Since I hang out with a lot of CISOs, and understand their pain points, I urge readers to send a “thank you” and “you are the best” message to their CISO. You can’t imagine the pressure and stress they are under to try to...more
Join us for an insightful webinar that will delve into the critical aspects of information governance and data management in the rapidly evolving field of cybersecurity. As organizations face escalating cyber threats, the...more