With the onslaught of new privacy, AI and cyber legislation coupled with promises for enforcement and class action litigation, running a well-functioning and flexible privacy and cyber program is increasingly a critical...more
In recent years, data breaches have escalated from isolated technical issues to significant legal battles. Businesses are witnessing a sharp rise in data breach lawsuits, underscoring the growing legal risks associated with...more
Compliance and Regulations - Ensure adherence to SEC regulations with appropriate privacy and cybersecurity policies tailored to SEC requirements....more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
A new report from Beyond Identity focuses on old, but very important issues—ending access rights to network systems by terminated employees and the rampant sharing of passwords....more
As the Covid-19 Pandemic forces more employees than ever before to work from home (“WFH”), businesses face new and different data privacy and security risks. This change is not lost on U.S. regulators, but it does not mean...more
We are living in the age of data and big data, where everyone wants to collect as much information as possible. The ability to analyze and monetize such information is a key strategy and selling point for many businesses. ...more
The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more
The recent global ransomware attack (WannaCry) was yet another reminder of the increased threat posed by cyber breaches. While cybersecurity attacks are inevitable, organizations (and their directors and officers) may still...more
Many law firms now have a designated general counsel, or a group of counsel, tasked with managing myriad legal matters for the firm. What are some top-of-mind priorities for these GCs today as they strive to keep their firms...more
The news regularly reports on data breaches and cybersecurity. While we read about the biggest breaches – Home Depot, Target, Anthem, JP Morgan, Wyndham – probably every business has been hacked and will be hacked again. ...more
If you read one thing... - On September 15th, the SEC OCIE announced in a Risk Alert it will launch a second round of cybersecurity examinations of registered broker-dealers and investment advisers, which will be more...more
Employees are the front line of your information security defense. While technological protections are essential (for example, anti- virus software, firewalls, spam filters, etc.), none are as effective as a vigilant end...more
In this issue: - Navigating Public Company Cybersecurity Obligations: Advising Boards and Disclosing to Investors - FTC Updates School-Related COPPA Guidance - Status Update on the EU Data Protection...more
The title, of course, begs the question: does your business even have an Information Governance Program? If not, you should get one—quick. An integrated Information Governance Program is considered a “best practice” to...more
. . . a data breach class action. Hackers and plaintiffs’ lawyers could combine to make 2014 the year when class actions concerning theft of sensitive information proliferate. On this 11th Day of Privacy, we look...more