No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
Continuing a trend it has been pursuing, the CFPB on Thursday used a non-rulemaking circular (Consumer Financial Protection Circular 2022-04) to state that its UDAAP authority extends its enforcement authority to situations...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
On October 27, 2021, the Federal Trade Commission (FTC) announced revisions to its Safeguards Rule (Revised Safeguards Rule), which requires certain financial institutions to implement information security programs to protect...more
In early March, the New York State Department of Financial Services (“NYDFS”) announced a consent order that required Maine-based mortgage servicer Residential Mortgage Services, Inc. (“Residential”) to pay a $1.5 million...more
Ian Campbell, the President and CEO of iCONECT, has a design background and, prior to founding iCONECT, he worked in advertising and founded his own agency. In 2012 iCONECT launched its flagship review product, Xera, which...more
The New York Department of Financial Services (NYDFS) has launched its first enforcement action under New York’s Cybersecurity law for financial services, so-called Part 500. Part 500 requires NYDFS licensed institutions to...more
On July 21, 2020, the New York Department of Financial Services (DFS) filed a “Statement of Charges and Notice of Hearing” (the “Charges”) against First American Title Insurance Company (the “Company”) alleging violations of...more
Today we are very pleased to welcome guest blogger Moyara Ruehsen, PhD, CAMS, CFCS, who is an Associate Professor and Director of the Financial Crime Management Program at the Middlebury Institute of International Studies in...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
For the last 18 years, most financial services businesses could sum up their privacy practices with just four letters: G-L-B-A, also known as Title V of the Gramm-Leach-Bliley Act, Public Law 106-102, and its implementing...more
For the first time in 17 years, the FTC is proposing significant increases to the information security standards which apply to those financial institutions that are regulated by the FTC and are not already subject to similar...more
Cybersecurity company Carbon Black recently issued are port of the results of a survey of chief information security officers (CISOs) of financial organizations, which showed that the financial industry is getting hammered by...more
The FTC has proposed amendments to its 2003 Safeguards Rule and the 2000 Privacy Rule, applicable to financial institutions under the Gramm Leach Bliley Act (GLBA). ...more
Cybersecurity company Carbon Black recently issued a report of the results of a survey of chief information security officers (CISOs) of financial organizations, which showed that the financial industry is getting hammered by...more
With full implementation of New York’s groundbreaking cybersecurity regulation only six weeks away, the state’s top banking regulator took the opportunity to praise the many financial institutions that have adopted systems to...more
New Year’s is a time to look back on the happenings of the year and focus on the lessons and reminders those events have provided. For our final newsletter of the year, we’d like to share with you our top 10 most read posts...more
Less than three months after California passed the California Consumer Privacy Act of 2018 (CCPA), Governor Jerry Brown signed SB 1121 this week, making a number of technical and substantive changes to the law....more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
We all remember Kronos—the malicious malware that was sold by Russian underground forums in 2014 for $7,000. If you bought it, you were promised updates and development of new modules. ...more
A new bill introduced by House Financial Services subcommittee Chairman Rep. Blaine Luetkemeyer would significantly change data security and breach notification standards for the financial services and insurance industries. ...more
We reported last week that a spyware maker recently compromised users’ and victims’ sensitive information. Since that time, another spyware maker, mSpy, which holds itself out as having over a million users employing its...more