Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Why Privacy Matters to Your Business and What's in Store for 2025
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
2024 Privacy Trends and Their Impact on Auto Finance – Moving the Metal: The Auto Finance Podcast
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
96% of companies currently use the public cloud, but Gartner predicts that there's more to that reliance than a convenient source of digital storage. Their leading experts believe that the cloud will be a business necessity...more
The Posture Visibility Problem - CrowdStrike Cloud Security Posture Management (CSPM) provides critical visibility into misconfigurations—such as publicly accessible storage, unencrypted assets, and overly permissive...more
According to Forbes, “in 2025, the landscape of enterprise resource planning (ERP) is set for a thrilling transformation,” with a shift toward cloud-native ERP solutions at the top of the list....more
Last month, the federal government announced a major overhaul of the Federal Risk and Authorization Management Program (“FedRAMP”) called “FedRAMP 20x”. FedRAMP 20x is moving forward fast – with new authorizations, community...more
Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more
FedRAMP 20x aims to increase efficiency through automation and removal of hurdles to FedRAMP authorization....more
The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more
On Monday, March 24, 2025, the General Services Administration (GSA) launched FedRAMP 20x, as an effort to automate parts of the program and create collaboration with the industry to improve authorization process for cloud...more
WHAT: FedRAMP has announced that it will be working on a new framework for authorization and assessment of cloud services for federal consumption, calling the initiative “FedRAMP 20X” (announcement here). In response to...more
FedRAMP Director Pete Waterman recently unveiled the “FedRAMP 20x” plan – a proposal designed to reimagine and reformulate the FedRAMP authorization process for federal government use of cloud-based products and services....more
Negotiating a service-level agreement sets clear expectations of each party's roles and responsibilities within online or cloud-based service arrangements. A service-level agreement (in particular, a "customer service-level...more
Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more
Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more
More than two decades in, cloud computing is no longer a technology that requires a herald or proselytizer. What began with government agencies and then financial institutions seeking expanded storage solutions and an...more
Hosted by American Conference Institute, the 14th Advanced Forum on Global Encryption, Cloud & Cyber Export Controls returns for another exciting year with curated programming that brings together a global gathering of...more
On December 9th, 2021, a critical zero-day vulnerability, which has the potential of providing threat actors access to millions of computers worldwide, was discovered. Due to the critical nature of this vulnerability, and the...more
It was a crazy weekend for cyberattacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that have maximum disruption on...more
A widely reported flaw in popular software known as Log4j poses a severe cybersecurity threat to organizations around the globe, with hundreds of millions of devices at risk. Over the past week, government agencies,...more
While organizations have increasingly embraced cloud computing as a solution to their data management and other needs, they do so in an environment of heightened risks. Attacks on cloud providers are increasing, which makes...more
On April 30, 2010, the Federal Financial Institutions Council (FFIEC) issued Guidance on the use of cloud computing services and security risk management principles in the financial services sector. The Guidance reminds...more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
Most companies today use some form of cloud computing whether through software-as-a-service, platform-as-a-service, or infrastructure-as-a-service. Cloud computing’s cost-effective scalability can offer significant advantages...more
I have negotiated hundreds of SaaS agreements for dozens of software companies and I always hated when the company on the other side was a healthcare provider. Invariably, they would bring up Protected Health Information...more
I still remember typewriters. Heck, I still remember carbon paper, mimeographs and bag phones. Would a company, “back in the day”, have ever asked an employee, “hey, we need you to bring your own typewriter, desk,...more
Forrester recently issued its “2017 Predictions: Dynamics that Will Shape the Future in the Age of the Consumer,” which among others, makes interesting predictions relating to cybersecurity risks coming up in 2017....more