The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
No Password Required: LIVE From Sunshine Cyber Con
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
Whether caused by family member thoughtlessness, employee error or the acts of a skilled data thief, everyone is likely to be the victim of an information breach at some point. A cyberattack on a family office or family...more
Leveraging 40,000 anonymous ethics hotline reports and expansive customer interviews, Syntrio’s latest analysis uncovers trends in misconduct, reporting, and more...more
Keypoint: Companies onboarding AI products and services need to understand the potential risks associated with these products and implement contractual provisions to manage them. With the rapid emergence of artificial...more
Something keeping you up at night? It just might be the data risks hiding in your e-discovery process. Join us for an in-depth webinar on "Uncovering E-Discovery Data Risks: How to Identify and Mitigate Hidden Threats Before...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
The U.S. Department of Transportation is seeking input from industry stakeholders on the role of artificial intelligence in the supply chain. The DOT’s Advanced Research Projects Agency – Infrastructure is one of many...more
Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more
With the launch of OpenAI’s ChatGPT in November 2022, one of the hot buzzwords is “artificial intelligence” (“AI”). Recently, more and more companies, especially small and medium-sized enterprises, purchase AI solutions from...more
INTRODUCTION - The rapid development of Artificial Intelligence (AI) has generated much excitement over the past two years. Since the public launch of Open AI's ChatGPT on 30 November 2022, generative AI and its...more
As Artificial Intelligence (AI) continues to evolve and integrates into business processes, the Office of the Privacy Commissioner for Personal Data (PCPD) released its Artificial Intelligence: Model Personal Data Protection...more
The Department of Justice ("DOJ") is wasting no time in implementing the new cyber-security Executive Order (the EO), signed on February 28, 2024. As explained in our April 2024 blog post, the EO aims to portect Americans’...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
Research shows that the average business shares its data with over 730 different vendors. It’s hard enough to mitigate risk within your own organization—how do you mitigate risk from more than 730 external entities?...more
Are you tasked with compliance management on a small team or for a smaller organization? Compliance professionals who manage programs for smaller organizations or with limited teams can face unique, sometimes daunting,...more
Cybersecurity success depends on more than just technology. As we’ve seen in part one and part two of this series on cybersecurity risk, the costs of a cyber attack are high – and bad actors always look for the easiest entry...more
Today is World Password Day, a day for organizations to remind their employees of the importance of using strong passwords and practicing good password hygiene to protect personal and work accounts. Given the large number of...more
On April 12, Nebraska Governor Jim Pillen signed Legislative Bill 1074 into law, making Nebraska the 16th U.S. state to enact a comprehensive privacy law. The Nebraska Data Privacy Act (NEDPA) will take effect on January 1,...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
Editor's Note: In a significant study from MIT's CSAIL, researchers have unveiled vulnerabilities in smartphone ambient light sensors, highlighting them as potential channels for privacy breaches. This discovery underscores...more
In April 2023, we published an alert in relation to two European Commission legislative proposals: new Regulation 2023/0131 and new Directive 2023/0132, to replace the current EU regulatory framework for all medicines...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more
The California Privacy Protection Agency’s (CPPA) highly anticipated regulations for automated decision-making technology and risk assessment requirements are likely far from final. The CPPA met at the beginning of the month...more
In recent years, we have seen an increase in employers using artificial intelligence (AI) in the workplace, whether to assist with decision-making and staff management across the life-cycle of the employment relationship or...more