News & Analysis as of

Third-Party Cybersecurity Data Protection

Vedder Price

FINRA Publishes 2025 Regulatory Oversight Report

Vedder Price on

On January 28, 2025, FINRA published its annual regulatory oversight report for 2025 (Report), which highlights observations and findings from FINRA’s oversight programs. The Report covers 24 topics, and for each topic it...more

Clark Hill PLC

The Growing Cybersecurity Risks in the Cannabis Industry

Clark Hill PLC on

Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers. Cannabis retailers face significant regulatory hurdles to their operation—particularly in...more

Lowenstein Sandler LLP

Top AI Risks General Counsels Should Address

Lowenstein Sandler LLP on

Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #430 – GrubHub Confirms Security Incident Through Third Party Vendor

If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer...more

Sheppard Mullin Richter & Hampton LLP

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

Foley & Lardner LLP

President Biden Issues Second Cybersecurity Executive Order

Foley & Lardner LLP on

In light of recent cyberattacks targeting the federal government and United States supply chains, President Biden’s administration has released an Executive Order (the “Order”) in an attempt to modernize and enhance the...more

A&O Shearman

Hong Kong SFC issues circular on the use of generative AI language models

A&O Shearman on

The Hong Kong Securities and Futures Commission (SFC) has issued a circular that sets forth comprehensive guidelines and expectations for licensed corporations (LCs) regarding the responsible use of generative artificial...more

Wiley Rein LLP

Litigation Grows Around Website Technologies, With Focus on Sensitive Data

Wiley Rein LLP on

Data privacy-related lawsuits have skyrocketed in recent years. Federal courts saw over 900 data privacy dockets in 2020 – but witnessed a surge to 1,767 dockets in 2023. At the halfway point in 2024, federal court data...more

Society of Corporate Compliance and Ethics...

Corporate Use of Third-Party Artificial Intelligence (AI) Tools

At the 2024 SCCE European Compliance & Ethics Institute, Segev Shani, Chief Compliance & Regulatory Officer at Neopharm Group will be leading the session “Corporate Use of Third-Party Artificial Intelligence (AI) Tools.” In...more

Constangy, Brooks, Smith & Prophete, LLP

Take these steps to safeguard against third-party cyber threats

The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more

Miller Nash LLP

Data Privacy Week Series: Check Your Third-Party Agreements Against Internal Policies

Miller Nash LLP on

In honor of Data Privacy Week, each day this week Miller Nash is releasing one of our top five recommendations for where businesses should focus their privacy compliance efforts in 2024. If you need assistance reviewing your...more

Lerman Senter PLLC

FTC Proposes Updates to COPPA Rule

Lerman Senter PLLC on

The FTC is proposing significant changes to the Children’s Online Privacy Protection Act (COPPA) rule to place new restrictions on the use and disclosure of children’s personal information. The COPPA Rule requires websites...more

J.S. Held

Top 4 Cybersecurity Headaches Plaguing Financial Services Institutions

J.S. Held on

Most Financial Services Institutions (FSIs) have digital technology at their core. And a primary responsibility for most FSIs is “cyber-connect” customers – be they organizations or individuals – with their money simply and...more

Dechert LLP

Dechert Cyber Bits - Issue 20

Dechert LLP on

Pelosi Statement Dims the Lights on ADPPA - The prospects for the nation’s first comprehensive data privacy law, the American Data Privacy and Protection Act (the “ADPPA” or the “Bill”), dimmed after House Speaker Nancy...more

Jackson Lewis P.C.

Construction Industry: Data Security Considerations

Jackson Lewis P.C. on

No industry is immune to privacy and cybersecurity risks, and the construction industry is no exception. Those in the construction industry can protect against a potential cyberattack by understanding the risks and...more

Jackson Lewis P.C.

The RIPTA Data Breach May Provide Valuable Lessons About Data Collection and Retention

Jackson Lewis P.C. on

Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more

Dentons

Even the DOL is Issuing Cybersecurity Instructions

Dentons on

In April, the Department of Labor, specifically the Employee Benefits Security Administration, issued cybersecurity guidance to assist in protecting “the retirement benefits of America’s workers.”  This guidance falls neatly...more

Cozen O'Connor

Water Filtration Retailer Settles Allegations Stemming From 2019 Data Breach

Cozen O'Connor on

New York AG Letitia James reached a settlement with online water filtration retailer Filters Fast LLC to resolve allegations that it failed to protect customers’ payment card information in a 2019 data breach in violation of...more

Jackson Lewis P.C.

Data Protection And The Role Of Vendor Management

Jackson Lewis P.C. on

The SolarWinds hack highlights the critical need for organizations of all sizes to include cyber supply chain risk management as part of their information security program. It is also a reminder that privacy and security...more

Sheppard Mullin Richter & Hampton LLP

Elements of Right-Sized Privacy Program: Appropriately Addresses Third Parties

To round out this series on right-sizing a privacy program, our last stop is thinking about the impact of working with third parties. There are many legal requirements to assess and/or to address in third party contracts when...more

ArentFox Schiff

FTC Zoom Settlement Requires Upgrades to Security

ArentFox Schiff on

The Federal Trade Commission (FTC) recently announced a settlement with Zoom Video Communications, Inc. (Zoom) after allegations that Zoom misled users through deceptive and unfair practices that made users believe their...more

Harris Beach Murtha PLLC

Education Data Privacy and Security Laws: Best Practices for School Districts

As if this fall weren’t hectic enough, school districts now need to prioritize compliance with a critical new regulation expanding New York state’s Education Law 2D. In effect since October 1, regulation Part 121 places new...more

Bricker Graydon LLP

FTC announces new and improved data security guidance

Bricker Graydon LLP on

On January 6, 2020, Andrew Smith, Director of the Federal Trade Commission (FTC) Bureau of Consumer Protection, announced three significant improvements to the FTC’s approach to data security enforcement cases....more

BakerHostetler

Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties (Part 3)

BakerHostetler on

This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as...more

Seyfarth Shaw LLP

FTC Touts Refined Approach to Data Security Enforcement

Seyfarth Shaw LLP on

Synopsis: On January 6, 2020, Andrew Smith, director of the Federal Trade Commission’s Bureau of Consumer Protection, outlined in a blog post the agency’s new approach to data security orders. The agency implemented this...more

45 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide