Data Retention and Document Holds
Trial by Tech: The Evolution of the Digital Courtroom – Speaking of Litigation Video Podcast
Information Security and ISO 27001
No Password Required: LIVE From Sunshine Cyber Con
Calculating eDiscovery Costs: Tips from Brett Burney
No Password Required: President at Constellation Cyber, Former FBI Translator, and Finder of Non-Magical Mushrooms
Managing Large Scale Review Efficiency: Tips From a GC
DE Under 3: US DOL Inspector General’s Office Report Cites IT Modernization & Security Concerns
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
Podcast: Discussing Information Blocking with Eddie Williams
The Data Center Cooling Conundrum With Leland Sparks - TAG Infrastructure Talks Podcast
[Podcast] TikTok off the Clock: Navigating the TikTok Ban on Devices for Government Contractors
Everything Dynamic Everywhere: Managing a More Collaborative Microsoft 365
Law Firm ILN-telligence Podcast | Episode 62: Pierre Hurt, Lutgen & Associes | Luxembourg
ATL1, Atlanta Infrastructure and More With Brandon Peccoralo of Databank - TAG Infrastructure Talks Podcast
Expanded Information Block Rules Go into Effect
5 Key Takeaways | Current Perspectives Around the Convergence of Life Sciences and IT
No Password Required: A Child of the 1980s With a Knack for Storytelling, Comedic Timing, and Building an Elite Cybersecurity Team
Changing Hands: Keys To Downstream M&A IT Integration
Mia Reini and Monica Lopez Reinmiller on a Risk-Based Approach to Managing Employee Hotlines
Companies should not minimize the extent of a material cybersecurity incident by omitting material facts regarding the scope and potential impact of the incident. Cybersecurity risk factor disclosures should be tailored to a...more
WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
The Department of Commerce (Commerce) Office of Information and Communications Technology and Services (OICTS) has broad authority—born out of executive action during the first Trump administration—to identify and mitigate...more
The Cyber Security Bill 2024 ("Cyber Bill") tabled in the Australian Federal Parliament yesterday is set to bring significant changes to the cyber security landscape in Australia....more
The proliferation of cybersecurity regulations has the White House and Congress calling for harmonization to streamline regulations, focus on reciprocity, and decrease compliance costs. Senator Gary Peters (D-MI), chair of...more
With the announcement of UK General Election for Thursday 4 July 2024, the Data Protection and Digital Information Bill has not completed the legislative process before the end of the current parliamentary session and will...more
As Vermont joins the growing number of states with comprehensive consumer data privacy laws, it stands out from the crowd with the ability of Vermonters to bring a private right of action (PRA) against large data holders. In...more
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
The Accreditation Overhaul for North Carolina (and Florida) Colleges - Last month, North Carolina Governor Roy Cooper signed House Bill 8 (HB 8) into law. In addition to establishing a new computer science requirement for...more
On 3 October 2023, the European Commission announced a public consultation regarding the draft implementing regulation (Draft Regulation) establishing the European Common Criteria-based cybersecurity certification scheme...more
State privacy laws are changing rapidly in the U.S. Here are summaries of seven new state laws that have been enacted and go into effect in the next few years. We anticipate that more state legislatures will continue to enact...more
On May 28, 2023, the Texas Legislature passed the Texas Data Privacy and Security Act (TDPSA). Once this law becomes effective on July 1, 2024, Texas will become the tenth state to adopt a consumer data privacy law. This...more
The New York Department of Financial Services (NYDFS) published its proposed amendment to its 23 NYCRR Part 500 (Cybersecurity Rules) on November 9, 2022, following the release of the draft version on July 29, 2022....more
Legacy identity and access management (IAM) is often considered a cumbersome, complex, and archaic monolith. In particular, legacy IAM often requires lengthy development time for updates and onboarding new applications,...more
On 14 October 2021, the White House brought together the representatives of more than 30 national governments to address the transnational nature of the threat posed by ransomware attacks. The meeting resulted in a joint...more
On January 9, 2021, the Biden Administration issued Executive Order (EO) 14034, to further address the declared national emergency with respect to the information and communications technology and services (ICTS) supply...more
CYBERSECURITY - Free Ransomware Service Offered to U.S. Hospitals - The Center for Internet Security (CIS) announced last week that it has launched the Malicious Domain Blocking and Reporting (MDBR) service to assist...more
UK Government set to move forwards with regulation on consumer IoT device security The UK Government has just announced that it intends to draw up legislation aimed at ensuring that all consumer smart devices sold in the UK...more
With the start of a new decade, our team wants to share an overview of the past year and a look ahead to the coming months. Please find here a review of relevant legislation that the General Assembly passed in 2019, a summary...more
Previously we reported on the Department of Defense (‘DoD”) efforts to develop a Cybersecurity Maturity Model Certification (“CMMC”) program to verify the status of contractor cybersecurity and compliance. The CMMC program...more
As information technology (IT) companies have known for years, the U.S. government regularly acquires inferior technology, often slowly and at high prices. The U.S. Department of Defense (DOD), which stands to benefit the...more
On September 21, 2015, the National Association of Insurance Commissioners (NAIC) IT Examination Working Group adopted amendments to the IT section of the Financial Condition Examiners Handbook (“the Handbook”). The changes...more