DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
As part of Data Privacy Awareness Week, Ward and Smith is spotlighting the most common types of data breaches that businesses encounter. In Part 1, we explored the industries most vulnerable to cyberattacks, highlighting the...more
It is no secret that ransomware dominates headlines, and cybersecurity incidents have become part of our everyday language. However, the criminal “business model” behind ransomware keeps evolving. Originally published in...more
No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks....more
In the aftermath of a vendor's hack that crippled an industry, ensure your business is up to date on best practices for mitigating the risks of third-party cyber incidents. Many businesses struggle to adequately consider the...more
When negotiating technology or data services contracts, businesses of all sizes and industries are now spending more time and attention on privacy controls. The increasing prevalence of comprehensive U.S. state privacy laws...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
Data breaches by large companies have been in the news for some time. Over the last several years several companies, including Marriott, Yahoo and Volkswagon, have been victimized by hackers who have broken into a company’s...more
Wherever you look, it feels like cyberattacks are becoming increasingly common. Criminal hackers are making the headlines every day, stealing the personal information of millions of people, ranging from birthdays to Social...more
Key Takeaways: ..On August 13, 2021, FINRA issued Regulatory Notice 21-29 (“RN 21-29”) to remind member firms that they must establish and maintain an adequate supervisory system, including written supervisory procedures...more
Modern business requires the engagement of professional services providers, such as IT services, marketing, software, data hosting, or other needed services. Far too often, though, the agreements governing these relationships...more
Data breaches are a hot topic and will undoubtedly get even hotter. Cybersecurity for your own enterprise isn’t enough — you must evaluate your vendors and determine if they’re prepared to resist cyberattacks. ...more
The FDIC and OCC have issued new guidance for banks on heightened cybersecurity risks facing the financial services industry because of increased geopolitical tensions and threats of aggression. The guidance published on...more
We all know that businesses rely on a large number of third-party vendors to support their business operations. Many of these third parties require access to a company’s data and its internal information and technology...more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
In June 2018, California enacted one of the most comprehensive privacy laws in the country, the California Consumer Privacy Act of 2018 (the “CCPA”). Although the CCPA will not go into effect until January 1, 2020, businesses...more
In light of a recent Wipro data breach, Wipro’s customers should move quickly to take operational and contractual precautions to help minimize the breach’s potential effects on their organizations. Wipro, the India-based...more
Data breaches are a reality that all businesses need to take seriously. Knowing your vulnerabilities is only part of the solution. You and your key stakeholders should be prepared with an incident response plan that defines...more
On May 16, DocuSign confirmed that a data breach resulted in widespread malware phishing attacks targeting its customers. DocuSign provides electronic signature solutions for many companies in the mortgage banking industry...more
Names, emails, credit card numbers, and home addresses: chances are good that your business collects client data with information that is valuable to hackers on the black market. A hacker will at some point try to access...more
As we previously reported, in December 2016 the New York Department of Financial Services (the “DFS”) announced that it was revising its proposed regulation that would require banks, insurance companies and other financial...more
This is the second installment in our interview with Steven Grossman, VP Strategy & Enablement at Bay Dynamics, the cyber risk analytics company. Here, Steven discusses the importance of aligning an institution’s risk...more
Companies need specific, well-executed plans to meet growing demands of federal and state agencies. While cybersecurity risks have increased, government regulation has traditionally lagged behind. Recently, some...more
On Aug. 11, 2015, federal prosecutors in the District of New Jersey and the Eastern District of New York unsealed indictments against nine individuals in the U.S. and Ukraine who were allegedly involved in a five-year,...more