On Jan. 15, the Federal Trade Commission (FTC) announced a proposed settlement with web hosting giant GoDaddy over alleged violations of Section 5 of the FTC Act. Specifically, the FTC alleged that GoDaddy had violated the...more
In recent years, data breaches have escalated from isolated technical issues to significant legal battles. Businesses are witnessing a sharp rise in data breach lawsuits, underscoring the growing legal risks associated with...more
Compliance and Regulations - Ensure adherence to SEC regulations with appropriate privacy and cybersecurity policies tailored to SEC requirements....more
Summary: If you're tackling compliance and security challenges in an AI-driven world, this post is essential. Discover how Microsoft Purview and Copilot for Security streamline processes, enhance security, and boost...more
AI tools often drive efficiency and save money, but they have drawbacks. Here’s what to know....more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
As the Covid-19 Pandemic forces more employees than ever before to work from home (“WFH”), businesses face new and different data privacy and security risks. This change is not lost on U.S. regulators, but it does not mean...more
The security and confidentiality of a company’s data is paramount. As businesses grapple with the COVID-19 pandemic and the need for employees to work remotely, it is important to remain focused on ensuring the security and...more
As employers respond to the ongoing COVID-19 coronavirus pandemic, many are implementing work-from-home policies and establishing situational teleworking opportunities for their employees. While remote-work technology can...more
We are living in the age of data and big data, where everyone wants to collect as much information as possible. The ability to analyze and monetize such information is a key strategy and selling point for many businesses. ...more
The SEC, through its Office of Compliance Inspections and Examinations (“OCIE”), recently issued its most detailed cyber guidance to date. OCIE had previously issued several cybersecurity risk alerts over the past few years....more
The SEC’s Office of Compliance Inspections and Examinations published a series of observations gleaned from thousands of exams over a period of years. While OCIE’s charge is the inspection of certain SEC registrants the...more
On January 16, the Commerce Department’s National Institute of Standards and Technology (NIST) released version 1.0 of its Privacy Framework: A Tool for Privacy Through Enterprise Risk Management. The product of a two-year...more
On January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) went into effect. The CCPA applies to a wide range of companies and broadly governs the collection, use and sale of personal information of California...more
Q: How is the shift of medical devices moving to the Internet of Things affecting the health care industry? A: Connected medical devices routinely record sensitive health information about a patient. This critical...more
While hospitals remain focused on restoring health to their patients, they must not let their defenses down when it comes to robust cybersecurity practice that safeguards their patients' information....more
Information is one of your company’s most valuable assets. It is critical to remain vigilant to protect against the latest cybersecurity threats and to comply with expansive privacy obligations. Join us in New York City for...more
Information is one of your company’s most valuable assets. Now more than ever before, it is critical to remain vigilant to protect against today’s latest cybersecurity threats and to comply with increasingly expansive privacy...more
Ninth hearing on Competition and Consumer Protection in the 21st century highlights challenges of addressing persistent threats to data security. On December 11 and 12, the Federal Trade Commission (the FTC or the...more
Just when you thought the hazards of cyberfraud couldn’t get worse, the SEC recently issued a Report of Investigation (more on that later) stating that nine recent corporate victims of cyberfraud may have compounded their...more
In an October 16, 2018 investigation report, the Securities and Exchange Commission found that nine companies that suffered Business Email Compromise, or BEC, had insufficient internal controls to prevent such attacks....more
Tom Curry, a partner in Nutter’s Corporate and Transactions Department and a co-leader of the firm’s Banking and Financial Services Group, and Seth Berman, a partner and leader of Nutter’s Privacy and Data Security practice...more