Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more
Hawaii’s State Data Office recently issued a series of guidance documents for its state agencies on how to handle artificial intelligence. This includes guidance on data protection, data retention and use of Generative AI....more
Country Status Legislation* Commentary Austria Available here Austria has submitted the “Network and Information Security Act” for Parliament’s consideration. It is anticipated that the “Network and Information Security Act”...more
With escalating cyber risks and heightened regulatory scrutiny, every minute after a data breach is crucial. Sophisticated cybercriminals relentlessly target your organization’s most valuable asset: personally identifiable...more
Utah, among other privacy laws it has enacted or modified recently, has also modified its breach notification law. This follows last year’s changes to the law, which among other things codified the state’s Cyber Center....more
CYBERSECURITY - TechRadar's Cyber Predictions for 2024 are Spot On - Because technology develops so rapidly, and “trends” are fast and furious, it is always hard to predict what the big issues will be for the next...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
Perkins Coie's Privacy & Security practice maintains this comprehensive chart of state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each...more
Clearly defined roles and responsibilities are an essential component of an effective compliance program. Failure to adequately assign responsibility can lead to gaps in compliance coverage and a lack of accountability. ...more
Ideal for practitioners who have some compliance knowledge and are ready for a deeper dive, SCCE’s Basic Compliance & Ethics Academy provides comprehensive, classroom-style training in the essentials of managing a compliance...more
The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over 2.5 million...more
Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more
The legal profession is under constant threat of cyberattacks and breaches. Cybersecurity challenges exist in many contexts but the legal profession is particularly vulnerable due to its federated environment and disparate...more
The Colorado Attorney General’s Office published draft Colorado Privacy Act (CPA) rules on September 30, 2022. The draft rules are a complex and lengthy set of regulations that, if adopted without substantial modification,...more
All organizations are at different stages of cybersecurity risk management program development. These stages range from one end of the spectrum, where cybersecurity is not a consideration at all, to the opposite end where the...more
With the threat of cyber-attacks making the news, it is a good time for all non-profit organizations to review their policies and procedures with respect to data privacy. Many non-profit organizations are particularly...more
Are you looking to better… - Support, enhance, and manage a compliance and ethics program? - Mitigate risk within your organization? - Understand the components of effective program infrastructure? SCCE’s Basic...more
Exclusive roadmap reveals, immersive Q&A with top product & industry experts, live product demos, electrifying presentations, co-innovation opportunities, and so much more— all coming to you live from the heart of Nashville,...more
I'm still elated to see the return to in-person events - there is so much to share now that we're getting back together. Earlier this month, I returned to the stage at Legalweek to share ideas with the brilliant Linn Freedman...more
Thomas Vaughn is the current Chief Information Security Officer (CISO) of the City of Tallahassee and the former CISO of Florida. A kindhearted introvert who began his cybersecurity career in the Army and then the U.S. Coast...more
What are the implications for data privacy and information security in the Metaverse? The metaverse will create an “even more immersive and embodied Internet”, where users can meet friends, collaborate with colleagues, play...more
For those involved in supporting a privacy and data protection program, continued expansion of new regulatory requirements will likely be the biggest trend in the coming year. Whether it be new laws being discussed, pending,...more