• |

    Apr. 1, 2026

When the Phones Ring: What 100 Security Breaches Reveal About Candor, Fear and Trust in Crisis

An analysis of 100 breaches and thousands of press reports shows that empathy and transparency, not perfection, now define effective crisis leadership. Far from being soft, empathy uncovers critical facts, builds regulator trust and materially reduces risk. When breaches hit, starting with humanity delivers better outcomes than aggression ever has. In this guest article, Lowenstein Sandler partner Amy Mushahwar and Intrepid Agency president Chris Thomas parse their breach research findings, set forth the elements for crafting a trust-building response to an incident, provide guidance for putting those elements to work and offer examples of companies that got it right. See “‘Everyone Wants to Speak to the CISO’ and Other Realities of Addressing Vendor Breaches” (May 14, 2025).

Analyzing the New U.S. National Cyber Strategy and Executive Order on Scams

In March, the White House released a compact “Cyber Strategy for America” (Strategy) prioritizing an offense-oriented approach and public-private coordination to combat threat actors. The administration concurrently broke ground with an Executive Order (EO) to fight cybercrime and fraud schemes, which pledges to designate ransomware gangs as transnational criminal organizations and establishes a victim restoration program from clawed-back funds. This article analyzes the likely impacts of the Strategy and the EO on companies and national policy, and presents key aspects to watch, with commentary from experts at Aspen Digital, Boies Schiller, Skadden and Venable. It also reviews National Cyber Director Sean Cairncross’s recent public elaborations on the Strategy. See “Decoding the Administration’s First Cyber Executive Order” (Jun. 25, 2025).           

How the FTC’s COPPA Policy Statement Promoting Responsible Age-Verification Practices Impacts Companies

Children’s privacy remains front and center for the FTC. Through a new enforcement policy statement (Statement) issued at the end of February, the agency is promoting wider adoption of robust age-verification technologies pursuant to its authority to enforce the Children’s Online Privacy Protection Act Rule (COPPA). The Statement clarified that the FTC will not take enforcement action under COPPA against operators of general audience or mixed audience sites and services that collect, use or disclose PI for the sole purpose of determining a user’s age — provided they comply with certain conditions. This article discusses the Statement, with practical insights on how it will affect organizations and best practices from Nelson Mullins and Blank Rome. See our three-part series “Children’s Privacy Grows Up”: Examining New Laws That Now Protect Older Teens (Jan. 15, 2025), FTC Amends COPPA Rule and Targets Data Sharing (Jan. 29, 2025), and “Seven Compliance Areas for Protecting Teens” (Feb. 12, 2025).

Ex-Google CPO Keith Enright Joins Harvey AI

Legal AI company Harvey has hired Keith Enright, previously Google’s CPO for 13 years, as its chief strategy officer. He is slated to lead engagement with the judiciary, bar associations, legal educators and policymakers about the use of AI in those domains. Enright joins the company from Gibson Dunn & Crutcher, where he co-chaired the tech and innovation industry group. For commentary from Enright, see “Tips From Big Tech Leaders on Navigating Global Privacy Regulations” (Dec. 3, 2025); “CPOs Weigh In on Navigating Myriad Privacy and Security Laws Amid Dizzying Technological Advancements,” (Jun. 28, 2023); and “Tips From Google, Chase and P&G Privacy Officers on Developing Strong Privacy Leadership and When to Use Outside Counsel” (Aug. 23, 2017).

Most-Read Articles

Trailblazing Women – Contributions, Achievements and Observations of Outstanding Leaders

To mark International Women’s Day, Law Report Group editors, along with our colleagues across ION Analytics’ products, interviewed outstanding women in the industries and jurisdictions we cover. In this article, Jill Abitbol, Robin Barton, Rorie Norton and Megan Zwiebel profile notable women in the data privacy, cybersecurity, AI, private funds and anti-corruption law fields, including (i) Paula Howell Anderson, (ii) Gwendolyn Lee Hassan, (iii) Audrey Koh, (iv) Stacy Feuer, (v) Heather Egan, (vi) Jeewon Serrato, (vii) Stephanie Breslow, (viii) Anne Choe, (ix) Heather Wyckoff, (x) Angie Batterson, (xi) Jacqueline Eaves, and (xii) C. Dabney O’Riordan.

Enjoy reading their inspiring remarks here.