• |

    Jun. 25, 2025

Decoding the Administration’s First Cyber Executive Order

A new cybersecurity executive order (EO) issued by President Trump rescinds an entire section on digital identity and softens several detailed requirements set forth in former President Joe Biden’s last-minute cybersecurity order from January. Yet, the EO retains many of Biden’s directives for agencies and businesses that work with them. This article highlights the EO’s most important changes, the administration’s effort to influence private sector cybersecurity through government procurement practices and the federal cyber policy priorities that businesses should heed, with insights from cyber practitioners at Goodwin, Holland & Knight, the Linux Foundation and Venable. See “Implications of the Trump AI Executive Order” (Mar. 26, 2025).

Leading Attack Vectors and Other Key Findings From Verizon 2025 Data Breach Investigations Report

Malicious attackers are increasingly turning their attention to system vulnerabilities, devices at the perimeter of an organization’s network and third-party service providers, according to Verizon’s most recent data breach study. Additionally, ransomware and human error remain significant concerns. The Verizon 2025 Data Breach Investigations Report (DBIR) is based on the analysis of more than 22,000 security incidents and more than 12,000 confirmed breaches. This article distills the key takeaways from the DBIR and a related Verizon webinar that examined the findings and offered guidance on mitigating the identified risks. See “Stolen Credentials, Phishing and Vulnerability Exploits Are Key Attack Vectors, According to Verizon Data Breach Report” (Jul. 12, 2023).

GCs’ Increasingly Critical Role in Managing Risk and Ensuring Compliance

As compliance requirements continue to evolve rapidly, the GC role has become more critical in avoiding regulatory entanglements and operational risks. Increasingly, in-house legal personnel are grappling with risk assessments, internal investigations, liaisons with regulators, strategic advice to executive staff and other areas not traditionally within the GC’s domain. This article, distilling insights and experiences shared by GCs and chief legal officers during the Compliance & Legal 2025 Annual Seminar, examines the growing internal and external responsibilities of the GC, including selecting and interacting with outside counsel. See “Top Tips for Effective GC Succession Planning and Training” (Nov. 8, 2023).

Former TikTok Privacy Counsel Joins Squire Patton Boggs in Sydney

Squire Patton Boggs has welcomed data protection and regulatory lawyer Tanvi Mehta Krensel as a partner in its data privacy, cybersecurity and digital assets practice group in Sydney. She arrives from TikTok, where she was product privacy lead for Asia-Pacific and emerging markets. For insights from Squire Patton Boggs, see “Advertising Opt‑Outs Drive New Privacy Strategies in 2025” (Dec. 18, 2024); and “Navigating Government Investigations of Privacy Practices” (Sep. 4, 2024).

Flaster Greenberg Expands Privacy and Cybersecurity Group to Include AI and Welcomes New Leader

Flaster Greenberg has welcomed Peter Wakiyama as a shareholder in the firm’s intellectual property department and leader of the artificial intelligence, privacy, and cybersecurity practice group. He arrives from Troutman Pepper Locke and will be based in West Conshohocken, PA.

Most-Read Articles

Women to Watch: Contributions, Achievements and Observations of Outstanding Female Professionals

To mark International Women’s Day, women editors and reporters at ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Law Report Group editors Jill Abitbol, Robin L. Barton and Megan Zwiebel profile notable women in data privacy, cybersecurity, private funds and anti-corruption law, including Anne-Gabrielle Haie, Jessica Lee, Micaela McMurrough, Laura Perkins, Amanda Raad, Madelyn Calabrese, Ranah Esmaili and Genna Garver. Enjoy reading their inspiring remarks here.

Celebrating Data Privacy Day 2025

Read the full brief here.

Cybersecurity Awareness Month

Read the full brief here.