The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
The widespread availability of Artificial Intelligence (AI) tools has enabled the growing use of “deepfakes,” whereby the human voice and likeness can be replicated seamlessly such that impersonations are impossible to detect...more
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
Organizations face increasingly sophisticated threats that can compromise data and disrupt business operations. This presentation will explore the role that digital forensics plays in an effective incident response plan using...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
If you are an attorney covering cybersecurity, not only do you have to stay on top of ever-evolving legal obligations and risks, you have to be able to speak competently with your technical counterparts....more
Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more
June 2024, Cleveland City Hall shut down due to what it initially described as a “cyber incident,” which was later explained as a ransomware attack. Many of the functions provided by City Hall stopped or significantly slowed,...more
AI capabilities are growing by the day, and with them, so are increasing government efforts to put in place guardrails, principles, and rules to govern the AI space. In May alone, Utah’s Artificial Intelligence Policy Act...more
As artificial intelligence (AI) continues to advance rapidly, organizations of all types are seeking to deploy this powerful tool to increase the effectiveness and efficiency of their operations, improve service to their...more
The regulation of artificial intelligence (AI) has drawn significant interest from policymakers in the US, particularly at the state level. There has been a recent slew of legislative activity with respect to comprehensive AI...more
On May 14, the National Institute of Standards and Technology (NIST) released “Revision 3” to Special Publication 800-171 (Protecting Controlled Unclassified Information on Nonfederal Systems and Organizations) and 800-171A...more
As the manufacturing industry increasingly relies on advanced technology such as the industrial internet of things, automation and big data, manufacturers are particularly susceptible to cyberattacks. Manufacturing operations...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
MIT Report Details New Cybersecurity Risks - “Cloud misconfigurations, more sophisticated ransomware, and vendor exploitation attacks are contributing to rising cyberattacks.” Why this is important: Worldwide spending...more
On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more
Earlier this year, the National Institute of Standards and Technology (NIST) issued an update to its Cybersecurity Framework (CSF) with the release of version 2.0, the first update since April 2018 (version 1.1). While the...more
On February 28, 2024, President Biden signed Executive Order 14117 (the EO), on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The United...more
In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws. The National Institute of Standards and Technology (“NIST”)...more
Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more
Biden Administration Issues Executive Order Restricting Bulk Transfers of U.S. Citizens' Personal Data to “Countries of Concern” - On February 28, 2024, President Biden issued an Executive Order (“EO”) to address the...more
In January 2024, Virginia Governor Glenn Youngkin announced and signed Executive Order 30 on Artificial Intelligence (EO 30), establishing “important safety standards to ensure the responsible, ethical, and transparent use of...more
Since the dawn of digitalization, the collection and retention of personal and other business confidential data by employers has implicated security and privacy challenges—by amassing a treasure trove of data for bad actors...more