On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Cybersecurity: What Healthcare Providers Need to Know
2022 DSIR Deeper Dive: NFTs
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
Hot Topics: Risk Management for Cybersecurity
2022 DSIR Report Deeper Dive: The Expanding Landscape of State Data Privacy Laws
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
2022 DSIR Report Deeper Dive: Personal Data Deletion
Panel Pursuit: The Ins and Outs of Becoming a Preferred Panel Vendor - Unauthorized Access Podcast
2022 DSIR Deeper Dive: Ransomware
Get Me Off This Ride: Understanding the Emotional Rollercoaster After a Ransomware Attack - Unauthorized Access Podcast
2022 DSIR Report Deeper Dive: FTC
Cyber threats aren’t a distant possibility — they’re a daily reality. And according to IBM’s Cost of a Data Breach Report, they’re costing businesses more than ever. The global average data breach cost has surged to $4.88...more
In boardrooms, C-suites, and conference rooms across the country, the rapid pace of AI innovation is capturing the imagination of business leaders. Yet, amid this enthusiasm, there is a concerning trend, namely that many...more
Even the strongest IT/DR plans can fail if they aren’t proactive about avoiding these common mistakes. When systems go down, business grinds to a halt. Downtime leads to $9,000 in losses per minute on average, damaged...more
A Written Information Security Plan, or “WISP,” is essential for any organization that handles sensitive personal information. Here’s a quick breakdown of who needs a WISP and why, as well as a checklist to develop one:...more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
Organizations can prevent cyberattacks and minimize liability risks by reviewing and implementing these 10 important steps: Adopt a Zero Trust Network Access Framework, which requires all users to be authenticated,...more
New York’s Cybersecurity Regulation continues its phased roll-out on November 1, when licensed financial services companies face a host of new requirements aimed at bolstering breach readiness and improving their ability to...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
Our Consumer Protection/FTC and Privacy, Cyber & Data Strategy teams unpack Starwood Hotels’ and Marriott International’s settlements with the Federal Trade Commission and Marriott’s settlement with state attorneys general...more
The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
Share on Twitter Print Share by Email Share Back to top “The basic idea for covered firms is if you’ve got a breach, then you’ve got to notify. That’s good for investors.” Those were among the remarks that U.S. Securities and...more
Editor’s Note: This article covers valuable insights on artificial intelligence’s (AI) evolving role in cybersecurity and incident response shared during an expert panel discussion. As cybersecurity, information governance,...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
There are so many factors that go into breach response. Determining the size of the breach, time limitations, legal requirements, notification needs, urgency for containment, and interrupted business operations are just a...more
The modern security ecosystem is diverse and ever-changing, a place where cyber risk is top of mind for leaders at all levels, and threats to information / data security and privacy evolve at the speed of the technical...more
1. Introduction- China’s cross-border data transfer rules are unfolding in real time and taking clearer shape. On July 7, 2022, China’s cybersecurity regulatory agency, the Cyberspace Administration of China (“CAC”), issued...more
The Department of Justice recently announced the launch of its new Civil Cyber-Fraud Initiative (the “Initiative”) which intends to use the False Claims Act to pursue “cybersecurity-related fraud by government contractors and...more
A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more
Purpose and Background of the GLBA - The Gramm-Leach-Bliley Act (“GLBA”), also known as the Financial Services Modernization Act of 1999, is a federal statute enacted by Congress in 1999 that requires financial...more
Consistent with its increasing activity in the cybersecurity enforcement space, in March 2021, the NYDFS issued its first penalty under the Cybersecurity Regulation. This client alert explores the settlement and offers...more
As reported last week, a state-sponsored hacker may have breached multiple U.S. government networks through a widely-used software product offered by SolarWinds. The compromised product, known as Orion, helps organizations...more
Thus far, telehealth breaches have been exceedingly rare, but as telehealth is increasingly used, telehealth data breaches and similar incidents may become more commonplace. Here are 10 steps for responding to a telehealth...more
Our Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational opportunities for...more