Nov. 29, 2023

How Cybersecurity Professionals Can Handle Three Common Misconceptions

Between emerging technologies, a burgeoning legal and regulatory landscape to navigate, and growing and increasingly sophisticated threats, today’s cybersecurity professional has infinite challenges. Some of those difficulties arise in the context of others’ lack of knowledge regarding foundational concepts. In this guest article, Brownstein partner Jack Hobaugh reviews and discusses how to address three misconceptions that commonly plague cybersecurity professionals, including issues around vendor due diligence, encryption and what constitutes a data breach. See “Lessons From the Conviction of Uber’s Former CISO” (Nov. 9, 2022).

Implications of EDPB Meta Ruling on Behavioral Advertising Practices

The European Data Protection Board's (EDPB's) decision late last month instructing the Irish Data Protection Commission to impose a permanent ban on Meta Ireland’s processing of personal data for behavioral advertising purposes is likely to have reverberating effects across the entire advertising technology industry. The winding road of Meta’s years-long legal battles has been closely watched by privacy advocates, adtech companies and E.U. regulators alike. This article examines the procedural history of Meta’s multiple legal challenges leading up to the EDPB’s binding decision, and, with insights from Ropes & Gray, Fox Rothschild and Squire Patton Boggs, the practical implications for the adtech industry, including considerations around use of subscription models. See “E.U. Regulators Bar Meta From Requiring Users to Pay With Their Data” (Jan. 25, 2023).

Ransomware and Incident Response Considerations for Global Companies

Companies are dealing with a spike in cybersecurity disruptions or ransomware attacks impacting global operations. Those concerns have been more pronounced during military operations and, in an increasingly hostile political environment, during presidential election cycles. This article distills insights shared during the Practising Law Institute’s Global Data Protection 2023 program by a panel of government and private-sector experts on recent trends in threat actor behavior, government efforts, mitigation strategies, cyber insurance and board involvement. See our two-part series on lessons from the multinational takedown of Hive ransomware: “A Broad Impact” (Feb. 15, 2023), and “Coordination and Defensive Priorities” (Feb. 22, 2023).

Allen & Overy Adds Cybersecurity Partner Duo in London

Allen & Overy has added to its London team Ffion Flockhart as a partner and global head of cybersecurity, and Charlie Weston-Simons as a partner. They arrive from Norton Rose Fulbright and will work with clients to handle cyber incidents and manage data risk, from prevention to response.