Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
The PRC National Technical Committee 260 on Cybersecurity of SAC (“TC260”) published new Guidelines on Identifying Sensitive Personal Information (“Guidelines”) on 18 September 2024, nearly three months after it released the...more
CYBERSECURITY - TechRadar's Cyber Predictions for 2024 are Spot On - Because technology develops so rapidly, and “trends” are fast and furious, it is always hard to predict what the big issues will be for the next...more
Each month, we publish a roundup of the most important SEC enforcement developments for busy in-house lawyers and compliance professionals. This month we examine: • Fraud and internal control failure charges against...more
China's Cybersecurity Law ("CSL"), Personal Information Protection Law ("PIPL") and Data Security Law ("DSL") set a series of rules and requirements for the cross-border transfer of personal information located in China....more
In recent years, alongside the rapid development of the digital economy and the concomitant increase in data generation, collection, processing and monitoring in the People’s Republic of China (PRC or China), the Chinese...more
The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over 2.5 million...more
In the late summer, the Consumer Financial Protection Bureau (CFPB) issued a circular that concluded in no uncertain terms that insufficient data protection or information security could be considered an unfair practice under...more
Exclusive roadmap reveals, immersive Q&A with top product & industry experts, live product demos, electrifying presentations, co-innovation opportunities, and so much more— all coming to you live from the heart of Nashville,...more
I'm still elated to see the return to in-person events - there is so much to share now that we're getting back together. Earlier this month, I returned to the stage at Legalweek to share ideas with the brilliant Linn Freedman...more
For those involved in supporting a privacy and data protection program, continued expansion of new regulatory requirements will likely be the biggest trend in the coming year. Whether it be new laws being discussed, pending,...more
The Commonwealth of Massachusetts is moving closer to passing consumer data privacy protection legislation with bipartisan support. The Joint Committee on Advanced Information Technology, the Internet and Cybersecurity...more
On November 1, 2021, the Personal Information Protection Law of the People’s Republic of China (the “PRC”) (the “Personal Information Protection Law”) went into effect, two months after the Data Security Law of the PRC (the...more
Report on Patient Privacy 22, no. 1 (January, 2022) - New Jersey issued its third settlement in three months on state-level health care privacy and security laws, announcing that three cancer care providers would adopt new...more
The federal government is trying to find as many ways as possible to handle the cybersecurity crisis facing the United States. While it is unlikely that Congress will pass a comprehensive federal cybersecurity law for the...more
Ari Kaplan recently spoke with Kenya Parrish-Dixon, a member of the ACEDS Global Advisory Board and the General Counsel and Chief Operating Officer for Empire Technologies Risk Management Group, a cybersecurity, information...more
Background - Growing awareness regarding cybersecurity concerns with the Internet of Things (IoT) has achieved a milestone with the promulgation of the IoT Cybersecurity Improvement Act (the Act), which was signed into law by...more
The current COVID-19 pandemic has forced many businesses online in order to survive. In many cases, businesses had no plans to be online. Others were forced to move online more quickly than planned. In order to assist these...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
In this day, data is often one of the most valuable assets companies have and it needs to be protected as such. Guarding data has become crucial for every business, no matter the size and industry. In the first half of 2019,...more
On January 1, 2020, California’s new Internet of Things (IoT) Security Law will go into effect. (Senate Bill 327.) Signed into law in September 2019, this is the first IoT-specific security law in the country. With all the...more
On January 1, 2020, the California Consumer Privacy Act (“CCPA”) becomes effective, and businesses around the world will be responsible for handling the personal information of Californians in accordance with the requirements...more
At the World Trade Organization’s (WTO’s) 2019 Public Forum last week—where members of the public, academia and civil society discussed ideas on the theme of “Trading Forward: Adapting to a Changing World”—a group of 28...more
In a set of recent settlements, the Federal Trade Commission (the FTC or Commission) resolved charges against two companies, ClixSense and D-Link, for failing to provide reasonable security and to live up to their data...more
“Internet of Things” devices are listening. And now the federal government is taking notice. As we reported in our Government Contracts and Investigations blog, to date, federal cybersecurity regulations for government...more