Sep. 27, 2023
Sep. 27, 2023
The Good, Bad and Ugly of Summer’s Cyber Incidents
Corporate cybersecurity improves, but so do cyber criminals’ techniques, and recent breaches reveal the increased risk that attacks will cause lingering damage. This article dissects the good, bad and ugly aspects of several breaches that occurred or were disclosed this past summer. It also offers five practical threat mitigation recommendations for companies, with insights from experts at BlackCloak, BlackFog and Privacy Ref. See “Recent FTC Cases Highlight Evolving Regulatory Expectations in the Use of Multi-Factor Authentication” (Dec. 14, 2022). Read full article …
CSRB Report on Lapsus$ Attacks: Moving Beyond MFA, Building Resilience and Mitigating Third-Party Threats
A recently released Cyber Safety Review Board (CSRB) report (Report) reinforces the need for all organizations to take steps to increase their cyber resilience. The Report offers practical cybersecurity recommendations based on its review of the activities associated with the threat actor group known as Lapsus$. With insights from Paul H. Luehr, a partner at Manatt, this second installment of a two-part article series discusses three areas framing the Report’s suggestions, including strengthening identity and access management, mitigating telecommunication vulnerabilities and building resilience. Part one covered key takeaways from the Report, attack techniques used by the threat actors and law enforcement cooperation. See “Four Steps to Secure Open-Source Software After CSRB’s Log4j Investigation” (Sep. 7, 2022). Read full article …
Changes Brewing for Enforceability of Non‑Compete Provisions
Until recently, common law jurisprudence and legislation regarding non-competition agreements related to employment matters seemed settled. Now, however, the New York State legislature has passed a bill that would ban virtually all employment-related non-competes (New York Bill), and the FTC has announced its intention to promulgate a rule broadly banning non-competes (Proposed Rule). Those proposals represent a fundamental shift in the law governing restrictive covenants in New York. This article analyzes the New York Bill and the Proposed Rule, raises questions about their implications, and explores how they might impact different aspects of non‑compete agreements. For more on the Proposed Rule, see “What Employers Should Know About the FTC’s Proposed Ban on Non-Compete Provisions” (Mar. 8, 2023). Read full article …
Former Federal Prosecutor and Cybersecurity Professional Joins Nardello
Investigations firm Nardello & Co. has welcomed former federal prosecutor Wendy Wu as a managing director in its Los Angeles office. She arrives from Wallbrook, an intelligence, due diligence and risk advisory consulting firm. For insights from Nardello, see “A Practical Look at the GDPR’s Data Breach Notification Provision” (Jan. 17, 2018). Read full article …
Most-Read Articles
-
Sep. 13, 2023
NYC AI Audit Law: What Five Companies Published – and How Others Avoid It -
Sep. 20, 2023
NYC AI Audit Law: A Best Practice Guide, From Choosing an Auditor to Avoiding Enforcement -
Aug. 30, 2023
Cyber and Privacy Program Checklists -
Jan. 5, 2022
Compliance Checklist for AI and Machine Learning -
Sep. 6, 2023
An Analysis of the Liberal and Strict Provisions in India’s New Privacy Law
Spotlight on Trailblazing Women
In honor of International Women’s Day, some of ION Analytics' editorial teams led by women interviewed notable women in the markets and industries we cover. In this part, the Cybersecurity Law Report highlighted notable women in compliance and hedge fund, data privacy and cybersecurity, and anti-corruption law, including Amii Barnard-Bahn, Abigail Bell, Genna Garver, Jane Horvath, Barbara Li, Amy Mushahwar, Mara Senn and Carol Widger. The interviews are here.