When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Uncovering Hidden Risks: Ep 13 - Unveil Data Security Paradoxes
Coyote, a new Brazilian malware, is currently hunting down credentials for sixty-one (61) different banking applications. Researchers expect the malware to spread internationally. Russian cybersecurity firm Kaspersky has...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
The Massachusetts State Police Commonwealth Fusion Center (CFC) believes that cyber actors may use the current bank failures for future phishing and business email compromise (BEC) attacks. Cyber actors often use current...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
On November 18, 2021, the Federal Reserve, Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) approved a new final rule regarding reporting of cyber incidents for U.S. banks...more
In Accenture’s 2018 State of Cyber Resilience for Banking & Capital Markets study, the consulting firm reported the rate at which cyber-attacks on banking and capital markets firms are successful dropped from 36 percent in...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
The New York Department of Financial Services has adopted detailed cybersecurity regulations for financial institutions. (Here). The NYDFS has filled a vacuum created by the failure of the federal government to act in this...more
Cybersecurity specialists at BAE Systems and Symantec announced last week new evidence suggesting that the criminals behind the notorious 2014 attack on Sony Corp. are also responsible for recent cyber-attacks involving 104...more
In December 2016, Thomas Curry, the Comptroller of the Currency, stated that cybersecurity was the single greatest systemic threat to our financial system. He was not being hyperbolic. Cybersecurity should be on...more
Last week, FinCEN (Financial Crimes Enforcement Network) issued a formal Advisory to Financial Institutions and published FAQs outlining specific cybersecurity events that should be reported through Suspicious Activity...more
The Federal Financial Institutions Examination Council (FFIEC)—the interagency body tasked with setting uniform principals and standards for the examination of financial institutions by federal prudential regulators,...more
It is said that a chain is only as strong as its weakest link. Often the same is said for an organization’s data privacy & security defensives. Could it be that the ubiquitous ATM machine is the weak link to the banking...more
Banks are tasked by the Uniform Commercial Code (the UCC) with using “commercially reasonable” security procedures when processing funds transfers. This responsibility is constantly evolving as bank fraud becomes more...more
In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more
Biometric data – obviously not in just the movies anymore. It is alive, well, and increasingly being used in our everyday society. But, on September 23, 2015, when the Office of Personnel Management revealed that fingerprint...more
As financial institutions of all sizes continue to face unprecedented cybersecurity risk, the Federal Financial Institutions Examination Council (FFIEC) released its Cybersecurity Assessment Tool. The Assessment is...more
Hardly a week goes by without a news report of a new cyberattack. As any consumer affected by fraud knows, the harm is real. The impact on businesses, government, and other targets is also real, and includes monetary harm...more
In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more
Part of Bradley Arant’s Privacy and Information Security Team’s seven-part Data Breach Toolkit Webinar Series, the “Data Breach Response Planning: Laying the Right Foundation” webinar, led by Paige Boshell and Amy Leopard,...more
The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more
Banks and other companies subject to the CFPB’s jurisdiction face the possibility that the CFPB could begin using its authority under Sections 1031 and 1036 of the Dodd-Frank Act (which proscribe unfair, deceptive or abusive...more
Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more
The Federal Financial Institutions Examination Council (FFIEC) has recently developed a new tool to help U.S. financial institutions combat the increasing volume and sophistication of cyber attacks. To blunt threats to a...more
Five Lessons Health Care Companies Should Learn From Cyberattacks - The American health care industry is under attack by sophisticated hackers seeking access to electronic medical records. Since January, three health...more