No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
On February 10, the Securities and Exchange Commission (SEC) granted relief exempting industry members from reporting a natural person’s name, address, and year of birth to the Consolidated Audit Trail (CAT). Industry members...more
As the last two years have clearly demonstrated, no organization is immune from cyberattacks. Indeed, numerous studies have reported that a majority of businesses have been impacted by at least one cyberattack over the past...more
On May 16, the Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P, aimed at modernizing and enhancing the rules governing the treatment of consumers’ nonpublic personal...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
On May 15, 2024, the Securities and Exchange Commission (the “SEC”) issued final amendments (the “Amendments”) to Regulation S-P (originally adopted in 2000), which governs the treatment of a customer’s nonpublic personal...more
CYBERSECURITY - SEC’s Hacked X Account Leads to Tumultuous Bitcoin Market - The Securities and Exchange Commission has confirmed that its X account “was compromised, and an unauthorized post was posted.” The SEC...more
CYBERSECURITY - Hackers Steal $4.4M Crypto Using Data Linked to LastPass Breach - According to Bleeping Computer, crypto fraud researchers at ZachXBT, and MetaMask developer Taylor Monahan have reported that on October 25,...more
In Short - The Situation: Following a cyberattack on a law firm's systems, the Securities and Exchange Commission ("SEC") subpoenaed the firm for information, including the identity of clients whose information may have...more
“Material Cybersecurity Incident” Standard Will Have a Monumental Impact on Current Cyber Disclosure Requirements - On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted the Cybersecurity Risk...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Gary Gensler, Chair of the U.S. Securities and Exchange Commission (SEC), signaled a new era of cybersecurity law (and accompanying enforcement) in his keynote address “Cybersecurity and Securities Laws” on January 24, 2022,...more
In a speech to the Securities Regulation Institute conference last week, Chair Gary Gensler signaled the SEC may implement more stringent cybersecurity regulations, and in the meantime, would work to enforce existing...more
We continue our year-end review of SEC enforcement activity and turn our attention to a topic grabbing seemingly daily headlines across multiple industries: cybersecurity. As the risks – and realities – of cyberattacks...more
This past summer’s string of cyber enforcement actions signals that cybersecurity has become a top priority for the US Securities and Exchange Commission (“SEC”). This focus is consistent with the SEC’s Division of...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
On August 30, 2021, the Securities and Exchange Commission (SEC) announced that eight broker-dealers and/or investment advisers will pay civil monetary penalties to resolve enforcement actions arising from cybersecurity...more
On August 12, 2020, the SEC Office of Compliance Inspections and Examinations (OCIE) published a Risk Alert that identifies potential issues related to the COVID-19 pandemic for SEC-registered investment advisers and...more
- The OCIE of the SEC highlights that responses to COVID-19 present important regulatory and compliance issues for SEC registrants, including “heightened risks of misconduct” tied to recent market volatility. - The Risk...more
With more people working remotely than ever before in light of COVID-19, firms in the private equity and hedge fund space should review their Regulation S-P privacy and information-safeguarding policies to ensure they are...more
The American Securities Association (“ASA”), a financial industry trade association representing regional and small financial services companies, has sued the Securities and Exchange Commission (“SEC”) to prevent the SEC from...more
The level of attention that the SEC’s Office of Compliance Inspections and Examinations has been giving to cybersecurity issues can hardly be overstated. ...more
Are You Ready for Canada’s New Privacy Breach Rules? Mandatory privacy breach notification, reporting, and record-keeping obligations under Canada’s federal data protection law, the Personal Information Protection and...more
The Office of Compliance Inspections and Examinations (the “OCIE”) issued a risk alert that provides guidance to broker-dealers and investment advisors for complying with the requirements of Regulation S-P on April 16, 2019. ...more
On April 16, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert summarizing numerous issues it found in its recent examinations of SEC-registered...more
The Securities and Exchange Commission is warning investment firms to step up their game when it comes to following the agency’s privacy rules. In a Risk Alert issued by the Office of Compliance Inspections and Examinations...more