DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks....more
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an Industry Letter that discusses the cybersecurity risks associated with the use of artificial intelligence (AI) and outlines strategies to...more
In the aftermath of a vendor's hack that crippled an industry, ensure your business is up to date on best practices for mitigating the risks of third-party cyber incidents. Many businesses struggle to adequately consider the...more
Most people know what a deepfake is but have not put much thought into how it could affect business operations. Deepfakes are videos, pictures, or audio that have been convincingly manipulated to misrepresent a person saying...more
Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of Mazars for the next installment in our PCI DSS 4.0 series. PCI DSS 4.0 brings major changes to payments with an increased focus on...more
The global cyber threat landscape is rapidly evolving. The number of attacks, threat vectors, and endpoints continues to grow exponentially alongside the average time to detect and respond to a security incident. Today,...more
On March 9, 2022, the U.S. Securities Exchange Commission (the Commission) announced proposed amendments to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
Data breaches by large companies have been in the news for some time. Over the last several years several companies, including Marriott, Yahoo and Volkswagon, have been victimized by hackers who have broken into a company’s...more
Wherever you look, it feels like cyberattacks are becoming increasingly common. Criminal hackers are making the headlines every day, stealing the personal information of millions of people, ranging from birthdays to Social...more
It’s been, as the song goes, a long, long time coming. In April, the Department of Labor issued its first ever formal cybersecurity guidance for retirement plan sponsors and retirement plan fiduciaries, and for the service...more
Law firms are prime targets for hackers. Why? Because their computer networks contain highly concentrated, high-value information about many parties that is often not well-protected. One often-overlooked vulnerability is the...more
As of 2018, the DOL estimates that there are 34 million defined benefit (DB) plan participants in private pension plans and 106 million defined contribution (DC) plan participants with combined assets of $9.3 trillion....more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
The Financial Stability Board (FSB) published on December 9, 2019, its report on financial institutions’ increasing reliance on third parties to provide cloud computing services (the Report)....more
The FDIC and OCC have issued new guidance for banks on heightened cybersecurity risks facing the financial services industry because of increased geopolitical tensions and threats of aggression. The guidance published on...more
We all know that businesses rely on a large number of third-party vendors to support their business operations. Many of these third parties require access to a company’s data and its internal information and technology...more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
In light of a recent Wipro data breach, Wipro’s customers should move quickly to take operational and contractual precautions to help minimize the breach’s potential effects on their organizations. Wipro, the India-based...more
Most companies today use some form of cloud computing whether through software-as-a-service, platform-as-a-service, or infrastructure-as-a-service. Cloud computing’s cost-effective scalability can offer significant advantages...more
Colorado has enacted groundbreaking privacy and cybersecurity legislation that will require covered entities to implement and maintain reasonable security procedures, dispose of documents containing confidential information...more
South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed...more
The National Association of Insurance Commissioners (NAIC) has approved its draft of the Insurance Data Security Model Law (Model Law) via a meeting of its Executive and Plenary Committees. This important development follows...more
Data protection law is undergoing radical change that is impacting employers and trustees of pension schemes and all service providers to them. With effect from 25 May 2018 the European General Data Protection Regulation...more