News & Analysis as of

Information Technology Data Protection Data Security

Dacheng

China Monthly Data Protection Update: March 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more

Robinson+Cole Data Privacy + Security Insider

AI Governance: The Problem of Shadow AI

If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more

Mitratech Holdings, Inc

IT/DR Plan Spring Cleaning: How to Replace Outdated Policies

Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more

Purpose Legal

Proactive Steps for Protecting your Intellectual Property (IP) and Trade Secrets

Purpose Legal on

We live in an era in which information is a valuable commodity. Access to data, ideas, and trade secrets is in high demand, particularly for individuals or companies seeking to profit from this information. One way they gain...more

StoneTurn

2025 Incident Response Landscape: Practical Tips for Cybersecurity Readiness

StoneTurn on

Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more

A&O Shearman

ESAs roadmap for designation of critical ICT third-party service providers under DORA

A&O Shearman on

The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more

Pillsbury - Gravel2Gavel Construction & Real...

Data Centers: A Field Guide

By one count, worldwide there were some 11,800 data centers in early 2024. Within that census are facilities so small that they fit in office building closets, while others are among the largest manmade structures on the...more

A&O Shearman

European Central Bank updates TIBER-EU framework to align with DORA RTS on TLPT

A&O Shearman on

The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more

StoneTurn

Do You Know Who Your Employee Is? Mitigating DPRK IT Worker Risk

StoneTurn on

North Korean IT operatives are infiltrating U.S. and Western companies using stolen or fabricated identities, VPNs, and U.S.-based co-conspirators to gain unauthorized access to corporate systems. These insider threats pose...more

Ankura

Cybercriminals Are Moving into the Cloud and Making Your Active Directory Their New Home

Ankura on

Financially motivated cybercriminals are increasingly targeting Cloud environments in their ransomware and/or extortion attacks. The attack activity of two (2) threat groups in particular – Octo Tempest (AKA Scattered Spider)...more

Mitratech Holdings, Inc

BCP & IT/DR: Why Your Business Continuity Strategy Needs Both

Balancing Business Continuity and IT Disaster Recovery is crucial for robust organizational resilience. So, how does your organization integrate both strategies for maximum impact?...more

Sheppard Mullin Richter & Hampton LLP

Data, Deals, and Diplomacy, Part III: DOJ Issues National Security Final Rule with New Data Compliance Obligations for...

On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more

A&O Shearman

EU joint report on the feasibility for further centralization of reporting of major ICT-related incidents

A&O Shearman on

The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more

Morgan Lewis - Tech & Sourcing

Outsourcing and Technology 2025: Key Takeaways

On January 8, 2025, partners Doneld Shelkey, Mike Pierides, and Marina Aronchik presented an Outsourcing and Technology 2025 webinar as part of the Morgan Lewis Tech & Sourcing Webinar Series: Data 2025....more

Hogan Lovells

Security Snippets: CISA publishes sector-specific cyber performance goals for IT and product design

Hogan Lovells on

The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector. Last week, the Cybersecurity and...more

A&O Shearman

The EU Cyber Resilience Act - What You Need to Know

A&O Shearman on

The EU Cyber Resilience Act (CRA) entered into force on 10 December 2024. The CRA is the first legislation of its kind in the world that aims to enhance the cyber security of products or software with a digital component...more

Jackson Lewis P.C.

FAQs for Schools and Persons Affected By the PowerSchool Data Breach

Jackson Lewis P.C. on

A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more

Wiley Rein LLP

Continued Remote Hiring Concerns in IT Sector: What to Look for in 2025 and How to Mitigate Business Risk

Wiley Rein LLP on

Remote worker fraud is expected to continue to proliferate in 2025. Fully remote hiring and work, particularly in the technology sector, continues to pose unique business and legal risks for companies. Just in December 2024,...more

Fisher Phillips

The Essential Questions to Ask Your AI Vendor Before Deploying Artificial Intelligence at Your Organization

Fisher Phillips on

Recent studies reflect that more than 75% of companies are either using or exploring the use of AI in their businesses, and more than 80% of employers consider AI a top priority in their future business plans. But finding the...more

Jones Day

New York Imposes Stringent Cybersecurity and Cyber Incident Reporting Obligations on Hospitals

Jones Day on

New York recently passed new cybersecurity regulations for hospitals licensed in New York to enhance patient safety and cybersecurity....more

Hinckley Allen

Today’s Menacing Cyber Threat Environment: What Organizations Need to Know to Quickly Respond to a Data Breach and Reduce the...

Hinckley Allen on

As the last two years have clearly demonstrated, no organization is immune from cyberattacks.  Indeed, numerous studies have reported that a majority of businesses have been impacted by at least one cyberattack over the past...more

Gray Reed

Three Data Privacy Lessons Learned from the Marriott Data Breach

Gray Reed on

Enforcement of data privacy laws across the US is in full force. Most recently, Marriott agreed to a $52 million settlement payment to 50 states, including $3.5 million to the State of Texas, following a data breach of 131...more

EDRM - Electronic Discovery Reference Model

[Webinar] Data Risk & Resilience Part III - Digital Forensics in your Incident Response Plan - September 19th, 1:00 pm - 2:00 pm...

Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more

Coblentz Patch Duffy & Bass

2024 Mid-Year Privacy Report - A Comprehensive Look at New Developments in Data Privacy Laws

Introduction - 2024 has been another big year for privacy. Several new state privacy laws are going into effect, with several more coming in 2025, while a federal privacy law continues to be discussed that would further...more

EDRM - Electronic Discovery Reference Model

What Everyone Gets Wrong About Inherent Risk, and Why it Really Matters

Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more

192 Results
 / 
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide