Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
TracFone, the pre-paid phone company, recently settled with the FCC over allegations that the company failed to protect customer information during three different data incidents. According to the FCC, in each of the...more
This week, the Federal Communications Commission (FCC) announced a settlement with TracFone Wireless to resolve investigations into whether TracFone failed to reasonably protect its customers’ information from unauthorized...more
Learning Objectives: - Explain the evolution of state data protection laws over the past year - Explore the focus on protecting health consumers - Describe practical approaches on how to build a privacy program when...more
ISO 27001 is the leading standard for information security management systems. As Mel Blackmore, CEO of UK-based Blackmores explains, it is a framework that applies and is of value regardless of an organization’s size, sector...more
Our latest six eDiscovery case law rulings MAY be our best ever! See what I did there? Our May 2024 monthly webinar of cases covered by the eDiscovery Today blog discusses disputes related to prolonged lack of cooperation in...more
Keypoint: Colorado employers and controllers that collect and process biometric data and identifiers will need to comply with disclosure, consent, and retention requirements beginning on July 1, 2025. In late April, the...more
With escalating cyber risks and heightened regulatory scrutiny, every minute after a data breach is crucial. Sophisticated cybercriminals relentlessly target your organization’s most valuable asset: personally identifiable...more
Utah, among other privacy laws it has enacted or modified recently, has also modified its breach notification law. This follows last year’s changes to the law, which among other things codified the state’s Cyber Center....more
The recent ransomware attack against the Duvel Moortgat Brewery demonstrated the very real risk that cybersecurity incidents pose to the alcohol industry, reportedly halting operations for several days at four of Duvel...more
NETWORK AND INFORMATION SECURITY 2 DIRECTIVE (NIS2) - WHO WILL BE IN SCOPE? Operators of essential and important services across various sectors including energy, transport, banking, health, medical devices, chemicals...more
Hosted by American Conference Institute, the 14th Advanced Forum on Global Encryption, Cloud & Cyber Export Controls returns for another exciting year with curated programming that brings together a global gathering of...more
Pressure for companies to use AI to gain a competitive advantage (or at least not fall behind versus competitors) is steadily rising, and in 2024, CEOs will push their Legal, Compliance, Privacy, and IT Teams to deploy AI...more
CYBERSECURITY - TechRadar's Cyber Predictions for 2024 are Spot On - Because technology develops so rapidly, and “trends” are fast and furious, it is always hard to predict what the big issues will be for the next...more
As the relentless march of technology continues, scams have evolved into cunning traps, presenting a challenge to individuals of all ages. Among the great tapestry of age groups, despite the wealth of experience and...more
Each month, we publish a roundup of the most important SEC enforcement developments for busy in-house lawyers and compliance professionals. This month we examine: • Fraud and internal control failure charges against...more
In the last two decades, incident response has evolved significantly, adapting to the dynamic cyber threat landscape. As the internet became an integral part of daily life, cyber threats escalated in scope and scale. This...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
This is an advisory update of key responsibilities for contractors under a proposed new Federal Acquisition Regulation (FAR) rule that standardizes cybersecurity requirements for a Federal Information System (FIS). The...more
This week, the SEC filed a high-profile litigation asserting fraud and internal controls charges against software company SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, in connection with...more
The US Securities and Exchange Commission (SEC) Division of Examinations recently released its 2024 Examinations Priorities, a yearly report that provides insight into the Division’s areas of focus to improve compliance,...more
On October 16, 2023, the U.S. Securities and Exchange Commission (“SEC”) Division of Examinations (the “Division”) released its annual Examination Priorities for fiscal year 2024 (the (“Report”), marking the first time the...more
On October 5, 2023, the Information Security Oversight Office (ISOO) and the Small Business Administration (SBA) released a Joint Notice that provides guidance on the facility security clearance (FCL) requirements for joint...more
Perkins Coie's Privacy & Security practice maintains this comprehensive chart of state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each...more
The Small Business Administration (SBA) and the Information Security Oversight Office (ISSO) have issued a Joint Notice to clarify how Facility Security Clearances (FCLs) (also called Entity Eligibility Determinations, or...more
Incident response (IR) has undergone a drastic transformation in the past two decades, adapting to the relentless evolution of the cyber threat landscape. In the early 2000s, as the internet became more deeply ingrained in...more