The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity – Part 1 — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more
Biden Administration to Introduce New National Cyber Strategy for Critical Infrastructure - The Biden administration is reportedly working on a National Cyber Strategy for critical infrastructure that will advocate a more...more
Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its second draft of NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on October...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
Often one of the benefits of working with a capable cyber risk broker or insurer is that the covered business has access to supplemental services ranging from security assessments to budget-priced post-incident legal support....more
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
Under DFARS Clause 252.204-7012, certain government contractors that store, process or transmit technical information that is controlled under the International Traffic In Arms Regulations (“ITAR”) or the Export...more
The National Institute of Standards and Technology (NIST) has issued an update to its Framework for Improving Critical Infrastructure Cybersecurity, which includes information relating to managing supply chain risks,...more
Businesses today have their work cut out for them. Small or large, no organization is immune from cybersecurity threats. Added pressures arise from stepped up government regulatory oversight and enforcement that targets an...more
All organizations, including financial institutions, continue to face significant security threats across their wide ranging IT systems. Such organizations are particularly vulnerable if they cannot track networked devices...more
The National Cybersecurity Center of Excellence is seeking comments on a draft practice guide, entitled “IT Asset Management (Special Publication 1800-5a)” which is “designed to help the financial services industry monitor...more
The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more
These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that their security profile is adequate. It can certainly help to...more
The Department of Defense (DoD) released interim rules implementing provisions of the 2013 and 2015 National Defense Authorization Acts. The rules, released on Aug. 26, 2015, are effective immediately and establish the...more
In 2013 alone, the U.S. Department of Homeland Security (DHS) and its Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to more than 256 cyber-incident reports—more than half of them in the energy...more
In response to a growing demand for cybersecurity guidance in the health care industry, the National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence, recently published a...more
The National Institute of Standards and Technology (NIST) cybersecurity center released a draft guide last week for health IT professionals to use to bolster security for the use of mobile devices in the health care industry....more