• Search for " " on Law Report Group

    HOME

    TOPICS

    ABOUT US

  • |
  • Home
  • Topics A-Z
  • Regulations & Enforcement
  • Data Security
  • Data Privacy
  • In-House Essentials
  • Checklists
  • Events
  • About Us
  • Subscribe

Data Security

  • Risk Mitigation
  • Incident Response
  • Litigation

Mar. 29, 2023

Use of Alternative Data Continues to Grow, Says New Survey

Mar. 22, 2023

Cyber Risks in Aviation: Navigating Turbulent Skies Ahead

Mar. 22, 2023

Managing Legal Issues Arising From Use of ChatGPT and Generative AI: Industry Considerations and Practical Compliance Measures

Mar. 8, 2023

Best Practices to Combat Surge of Unwanted Data Scraping

Mar. 8, 2023

What Employers Should Know About the FTC’s Proposed Ban on Non-Compete Provisions

Mar. 1, 2023

Navigating the Interplay of Cyber Insurance With Other Potential Coverage

Mar. 1, 2023

Getting Used to Zero Trust? Meet Zero Copy

Feb. 22, 2023

Lessons From the Multinational Takedown of Hive Ransomware: Coordination and Defensive Priorities

Feb. 15, 2023

Lessons From the Multinational Takedown of Hive Ransomware: A Broad Impact

Feb. 15, 2023

Impact of Emerging Technologies on Financial Crime Risk Management

Feb. 15, 2023

Advice From a CISO and Lawyer on Best Practices in Information and Data Governance

Feb. 8, 2023

AI Governance Gets Real: Core Compliance Strategies

Feb. 8, 2023

How to Comply With the CPRA’s Data Minimization Standards

Feb. 8, 2023

Data Breaches and the Private Credit Market: Post-Breach Considerations

Feb. 1, 2023

AI Governance Gets Real: Tips From a Chat Platform on Building a Program

Feb. 1, 2023

Data Breaches and the Private Credit Market: Assessing Borrower Cyber Preparedness

Jan. 18, 2023

Electronic Communications, Cooperation Standards and Other Emerging Trends in the SEC’s Oversight of Private Funds

Jan. 11, 2023

A Ransomware Tabletop’s 360-Degree Incident Response View: Day Five Through Post-Mortem

Jan. 4, 2023

A Ransomware Tabletop’s 360-Degree Incident Response View: Days One to Four

Dec. 14, 2022

Recent FTC Cases Highlight Evolving Regulatory Expectations in the Use of Multi-Factor Authentication

Dec. 7, 2022

Google Settlement Shows DOJ's Increased Focus on Data Preservation

Nov. 30, 2022

Understanding and Implementing Privacy Audits

Nov. 16, 2022

Ransomware Evolution: Government Efforts and Cyber Insurance

Nov. 9, 2022

Ransomware Evolution: Growing Threats and Response Considerations

Oct. 26, 2022

Takeaways From the New Push for a Federal AI Law

Oct. 26, 2022

Navigating the Interplay of Breach Response and Breach Notification

Oct. 19, 2022

A New Era of Cyber Incident Reporting and Cybersecurity Regulation: How Companies Should Prepare and Engage

Oct. 12, 2022

A New Era of Cyber Incident Reporting and Cybersecurity Regulation: Key Provisions

Oct. 5, 2022

The Great Resignation: Cyber Risks in the Crypto Sector

Sep. 28, 2022

The Increasing Threat of Supply Chain Cyberattacks: How to Avoid Being a Statistic

Sep. 28, 2022

Using Software Bills of Materials to Bolster Security in Contracting

Sep. 21, 2022

Trio of Settled Enforcement Actions Highlights SEC Concerns About Identity Theft Policies and Procedures

Sep. 21, 2022

Held to Ransom: How Cyberattacks Can Become a Legal and Regulatory Odyssey for a Private Investment Fund

Sep. 14, 2022

Shaping the BIPA Landscape: Avoiding Liability

Sep. 07, 2022

Cyber Crisis Communications – “No Comment” Is Not an Option

Aug. 17, 2022

Understanding and Implementing DoD’s Cybersecurity Requirements

Aug. 17, 2022

The SEC’s 2022 Reg Flex Agendas: Major Proposals and Ambitious Timelines

Aug. 10, 2022

Protecting Against Crypto Theft

Jul. 27, 2022

A Checklist to Help Fund Managers Assess Their Cybersecurity Programs

Jul. 27, 2022

Employee Data Under the CPRA: Rights Requests, Privacy Policies and Enforcement

Jul. 20, 2022

Corporate Compliance and Enforcement Hot Topics With IBM VP Una Dean

Jul. 20, 2022

Employee Data Under the CPRA: Key Rights and Restrictions

Jul. 13, 2022

New AI Rules: Five Compliance Takeaways

Jul. 13, 2022

CPRA Draft Regulations: Essential Takeaways and 10 Actions to Take Now

Jun. 22, 2022

New AI Rules: States Require Notice and Records, Feds Urge Monitoring and Vetting

Jun. 15, 2022

New AI Rules: NYC First to Mandate Audit

Jun. 8, 2022

Revised DOJ Guidance Clarifies Liability Protections for Good-Faith Security Research

Jun. 1, 2022

Tesco Is Making Big Strides With Little Learning Leaps

May 18, 2022

Navigating the Intersection of Blockchain and Data Privacy Laws

May 4, 2022

Effective Use of Privacy Impact Assessments

May 4, 2022

Cybersecurity and Privacy Teams Join to Create Data Governance Councils

Apr. 13, 2022

Advice From a CPO on Balancing Insider Threat Management and Privacy

Apr. 6, 2022

How to Measure Whether Your Company Is Ready to Catch Lots of Phish

Mar. 30, 2022

Drafting Data and Cybersecurity Provisions in Third-Party Vendor Agreements

Mar. 30, 2022

As Email Scams Surge, Training Lessons From 115 Million Phishing Messages

Mar. 16, 2022

Securing Emerging Technologies Without Hampering Innovation: Government Initiatives and How Companies Can Adapt

Mar. 9, 2022

Securing Emerging Technologies Without Hampering Innovation: Private Sector Challenges

Mar. 2, 2022

Prioritizing Public-Private Partnerships in an Increasingly Complex Regulatory Environment

Feb. 23, 2022

Limiting Data Breach Liability in Cloud Service Agreements

Jan. 26, 2022

Lessons From SolarWinds

Jan. 19, 2022

Privacy and Security Due Diligence in M&A Transactions: Going Beyond the Questionnaire

Jan. 19, 2022

Privacy Resolutions for 2022

Jan. 12, 2022

Cybersecurity Resolutions for 2022

Jan. 5, 2022

A Guide to Privacy Frameworks: Implementation and Maintenance

Jan. 5, 2022

Using Technology to Build in Data Governance for Improved Security and Privacy

Dec. 15, 2021

A Guide to Privacy Frameworks: Finding the Best Fit

Dec. 15, 2021

Understanding Differential Privacy

Dec. 8, 2021

A Guide to Privacy Frameworks: Examining Options

Dec. 8, 2021

Privacy Tech Products Hold Promise but Sector Faces Hurdles

Nov. 17, 2021

Data Localization: Cybersecurity Challenges Abound

Nov. 17, 2021

Practical Approaches to Conducting Transfer Impact Assessments Under the GDPR

Nov. 10, 2021

Data Localization: New Compliance Headaches and Costs Across the Globe

Nov. 10, 2021

Cyber Insurance Litigation Trends Amid Rising Ransomware Attacks

Nov. 3, 2021

Checklist for Building an Identity-Centric Cybersecurity Framework

Nov. 3, 2021

Data Localization: Laws Spread and Enforcement Rises

Oct. 27, 2021

IOSCO Issues Final Guidance on AI and Machine Learning

Oct. 6, 2021

How to Build Insider Risk Programs to Satisfy Global Employee Privacy Laws

Oct. 6, 2021

Fund Managers Must Ensure Adequate Security Measures Under Safeguards Rule or Risk SEC Enforcement Action

Sep. 29, 2021

SEC Cybersecurity Disclosure Enforcement Heats Up: Best Practices

Sep. 29, 2021

Resilience CEO Explains Insurance Industry’s Ambitious Initiative to Bolster the Nation’s Cybersecurity

Sep. 22, 2021

Jacki Cheslow on IEEE’s Remote Program Assessment

Sep. 22, 2021

Examining the Intersection of Voiceprints and Data Privacy Laws

Sep. 15, 2021

Essential Technology Contract Elements

Sep. 15, 2021

Electronic Communications: Using Third Parties for Compliance, Mitigating Social Media Risks and Fulfilling Document Requests

Sep. 15, 2021

Leadership Insights From CPOs at Google, J.P. Morgan and Dow Jones

Sep. 8, 2021

Imperva’s Global Data Privacy Officer Discusses Privacy by Design

Aug. 18, 2021

A Look Inside Businesses’ Private Disputes Over Ransomware Costs

Aug. 4, 2021

Evaluating Privacy and Cybersecurity Risks in Emerging Technology Transactions: Artificial Intelligence and EdTech

Jul. 28, 2021

Incident Response in the Financial Services Industry

Jul. 28, 2021

Adopting a Cloud-First Mindset: How Operational Resilience and Security Issues Change Without On-Premises Infrastructure

Jul. 21, 2021

Understanding Common Hacking Techniques and Forensic Analysis

Jun. 23, 2021

How the NYDFS Drives Cybersecurity in the Financial Services Industry

Jun. 2, 2021

AI Compliance Playbook: Adapting the Three Lines Framework for AI Innovations

Jun. 2, 2021

Post-COVID Compliance Strategies: Dealing With Persistent Heightened Risks

May 26, 2021

CISA and DHS Counsel Explain Cybersecurity Executive Order’s Key Provisions

May 19, 2021

Negotiating Reps, Warranties and Remedies in Technology Contracts

May 19, 2021

Cybersecurity in a 5G World: Tackling the Challenges With Revised Strategies

May 12, 2021

How Law Firms Can Prevent, Detect, and Respond to Ransomware Attacks

May 12, 2021

How Three Companies Embarked on AI Compliance Journeys

May 5, 2021

Doing More With Less: Tools for Managing Third-Party Risk With Scarce Resources

May 5, 2021

Two Settlements Show NYDFS’ Hidden Power to Use Other States’ Breach Laws

Apr. 28, 2021

AI Compliance Playbook: Understanding Algorithm Audits

Apr. 28, 2021

Implementing NSA-CISA-FBI Advisory Mitigation Tactics for Vulnerabilities Exploited by Russia

Apr. 21, 2021

AI Compliance Playbook: Seven Questions to Ask Before Regulators or Reporters Do

Apr. 14, 2021

AI Compliance Playbook: Traditional Risk Controls for Cutting-Edge Algorithms

Apr. 7, 2021

Former Twitter and eBay Counsel Talks Overblown Fears, Third-Party Data Management, and CDA Section 230

Mar. 31, 2021

How Do You Put a System of Controls in Place When Your Target Keeps Moving?

Mar. 31, 2021

Managing Vendor Contracts From the Data Controller's Perspective

Mar. 24, 2021

Digital Identity Management in a Post-Pandemic World: A Framework for Identity-Centric Cybersecurity

Mar. 24, 2021

Privacy and Security Provisions in Vendor Agreements: Key Data Processing Considerations

Mar. 17, 2021

Digital Identity Management in a Post-Pandemic World: SolarWinds, Zero Trust and the Challenges Ahead

Mar. 17, 2021

Virtual Currencies: Opening a New Avenue for Financial Crimes

Mar. 17, 2021

Privacy and Security Provisions in Vendor Agreements: Assessing the Risks

Mar. 10, 2021

Preparing for the CPRA’s New Consumer Rights Requirements

Mar. 10, 2021

AI for Compliance: Five Workarounds for Asymmetric Data Sets

Mar. 10, 2021

Familiar and Fresh Mandates in Virginia’s New Privacy Law

Mar. 3, 2021

Six Ways to Address Privacy Concerns in Biometric Vendor Contracts

Feb. 17, 2021

A Fake Zoom Invite Hack: Eight More Lessons

Feb. 17, 2021

Wray Highlights Benefits of FBI Coordination With Public and Private Sectors

Feb. 10, 2021

A Fake Zoom Invite Hack: What Happened and Three Lessons

Feb. 10, 2021

What the New Information Security Reporting Standards Mean for Financial Institutions 

Feb. 3, 2021

How to Prevent and Handle Disputes Over Ransomware Insurance Claims

Feb. 3, 2021

Getting Started With CMMC: How to Prepare and What to Expect From the Assessment

Jan. 27, 2021

Getting Started With CMMC: Understanding Goals, Requirements and Challenges

Jan. 20, 2021

eDiscovery in Multi-Jurisdictional Investigations: Preparing to Play Multi-Level Chess

Jan. 20, 2021

Privacy Resolutions for 2021

Jan. 13, 2021

Cybersecurity Resolutions for 2021

Jan. 13, 2021

Can the Cybersecurity Industry Improve Cooperation to Beat Threats?

Jan. 13, 2021

Checklist for IoT Security Audits

Jan. 6, 2021

Maintaining Privacy While Staying Competitive in an Evolving Regulatory Landscape

Jan. 6, 2021

Six Practical Tips for Building an Effective Privacy Risk Assessment Program

Dec. 16, 2020

How Will the Biden Administration’s Approach to Cybersecurity Impact the Private Sector?

Nov. 18, 2020

Show Me the Data: How to Conduct Audits for Data Minimization

Nov. 18, 2020

Asset Disposal and Vendor Management Lessons From Morgan Stanley's OCC Settlement

Nov. 4, 2020

A Guided Tour of Enterprise IoT Device Hazards

Nov. 4, 2020

Vulnerability Management: Increasing Communication to Prevent Problems From Hiding in Plain Sight

Oct. 28, 2020

Vulnerability Management: Understanding the Risks of External Scanning

Oct. 21, 2020

Senior Commerce Official Discusses Supply Chain Security and Cyber Policy

Oct. 21, 2020

Steps to Take After OFAC and FinCEN’s Warnings on Ransomware Payoffs

Oct. 21, 2020

How Lockheed Uses Big Data to Evaluate Risk at Small Worksites

Oct. 14, 2020

Vulnerability Management: What You Don’t Know From Your External Scans Can Be Used Against You

Oct. 7, 2020

Tips and New Benchmarks for Creating Effective Tabletop Exercises

Oct. 7, 2020

How to Address Intensifying Enterprise IoT Security Risks

Oct. 7, 2020

Avoiding Denial of Insurance Claims During the Pandemic

Sep. 16, 2020

Four Principles Underlying Microsoft’s Compliance Analytics Program

Sep. 16, 2020

How Can Your Firm Avoid Being the Next Target of a Cultural Engineering Attack?

Sep. 9, 2020

IOSCO Offers Six Risk Mitigation Measures for AI and Machine Learning

Sep. 2, 2020

Business Continuity Plans, Budgets and More: Hot Compliance Topics for Investment Advisers

Sep. 2, 2020

Understanding and Evaluating Cyber Insurance in an Evolving Market

Aug. 12, 2020

Six Compliance Lessons From NYDFS’ First Cybersecurity Regulation Enforcement Action

Aug. 5, 2020

CCPA and Online Ads: Contract and Compliance Consequences

Aug. 5, 2020

How to Achieve Trustworthy AI Using the European Commission’s Final Assessment List

Jul. 29, 2020

CCPA and Online Ads: Facebook Finally Acts, AG Starts Enforcement

Jul. 29, 2020

Evolution and Mitigation of Insider Cyber Threats During COVID-19

Jul. 22, 2020

Business Continuity Planning: Key Provisions and Third-Party Considerations

Jul. 15, 2020

Back to the Table: CCPA Regulations Spark New Wave of Service-Provider Negotiations

Jun. 24, 2020

Perspectives From the Public and Private Sectors on Information Sharing During COVID-19

Jun. 17, 2020

The Current State and Future of AI Regulation

Jun. 3, 2020

How CISOs Can Use Digital Asset Metrics to Tell a Coherent Cyber Story to the Board

May 27, 2020

Insights on Building a Compliance Program at a New Company

May 27, 2020

How to Facilitate a Safe and Privacy Compliant Return to Work: Contact Tracing

May 13, 2020

Setting Your Company Up to Win Cyber Insurance Battles

May 13, 2020

NIST Privacy Framework: Privacy Controls for an Era of Digital Transformation

May 6, 2020

How Asset Managers and Others Can Mitigate Pandemic-Related Operational Risks and Maintain Business Continuity

May 6, 2020

NIST Privacy Framework: Insights on New Tool for Managing Privacy Risks

Apr. 29, 2020

The Pandemic Effect: How Compliance and Enforcement Are Evolving

Apr. 29, 2020

Understanding Insider Trading Based on Data Breaches Amidst Heightened Regulatory Scrutiny

Apr. 15, 2020

Six Ways to Be Prepared for the SEC’s Focus on Cybersecurity and Resiliency

Apr. 8, 2020

DOJ Guidance on How Companies Should Pursue Stolen Data on the Dark Web

Apr. 8, 2020

Wide-Ranging Lessons From Notable Breaches in Q1

Apr. 1, 2020

When Do Force Majeure Clauses Excuse Performance?

Mar. 25, 2020

Companywide Work From Home: Six Cybersecurity Considerations

Mar. 25, 2020

Are Companies Turning a Blind Eye to Their Lost Data on the Dark Web?

Mar. 18, 2020

The Keys to Encryption: Effective Policies, Legal’s Role and Third Parties

Mar. 18, 2020

The Ongoing Complexity of Vendor Risk: Top 5 Considerations for C-Level Leaders

Mar. 11, 2020

The Keys to Encryption: Legal and Regulatory Framework

Mar. 11, 2020

Privacy and Cyber Due Diligence in M&A Transactions

Mar. 11, 2020

NIST’s New IoT Standard: Inspiring a Wave of New Device Security Guidance

Mar. 4, 2020

The Keys to Encryption: Uses and Implementation Challenges

Mar. 4, 2020

Safeguards for Proper Disposal of Hardware: Effective Inventories, Policies and Due Diligence

Mar. 4, 2020

NIST’s New IoT Standard: Boosting Security As States Launch Laws

Feb. 19, 2020

Best Practices for Using Alternative Data: Mitigating Regulatory Risks

Feb. 12, 2020

Compliance Records Are a Strategic Gold Mine

Feb. 12, 2020

Best Practices for Using Alternative Data: Collection and Provider Management

Feb. 5, 2020

The Rise of Facial Recognition Technology: Mitigating Risk

Feb. 5, 2020

Defining, Implementing and Documenting “Reasonable Security”

Jan. 29, 2020

The Rise of Facial Recognition Technology: Mapping the Legal Framework

Jan. 22, 2020

The Rise of Facial Recognition Technology: Uses and Risks

Jan. 15, 2020

When Does Social Engineering Fraud Qualify for Insurance Coverage?

Jan. 8, 2020

How eBay and PayPal Use Key Performance Indicators to Evaluate and Improve Privacy Programs

Dec. 18, 2019

A New Norm: Prescriptive FTC Settlement With InfoTrax Addresses Reasonable Security Measures

Dec. 11, 2019

How to Handle E.U. Data Subject Access Requests

Dec. 11, 2019

Not Just GDPR: Examining the Other European Privacy Laws 

Dec. 4, 2019

U.K. and U.S. Sign First E-Evidence Pact Under the CLOUD Act: A Look at the Privacy Protections

Dec. 4, 2019

What Cyber Insurance Covers, What to Watch For and How to Get the Right Policy

Nov. 20, 2019

AI for Fund Managers and Beyond: How to Automate the Legal Department and Maintain Privacy

Nov. 13, 2019

Updating Cyber Policies to Align With Recent SEC Exams and Guidance

Nov. 13, 2019

Updating Vendor Agreements to Comply With CCPA: Non-Third Parties and Key Steps

Nov. 6, 2019

Updating Vendor Agreements to Comply With CCPA: Service-Provider Exemption and Corporate Approaches

Nov. 6, 2019

Choosing Cybersecurity Insurance in a New Risk Environment

Oct. 30, 2019

Reconciling Technology Development, Security and the Lawyer’s Role

Oct. 30, 2019

Guide to Cybersecurity Training: Assessing Effectiveness and Avoiding Pitfalls

Oct. 23, 2019

ICO Enforcement Takeaways After Marriott and British Airways

Oct. 23, 2019

CFTC Issues $1.5-Million Fine After Phishing Attack

Oct. 16, 2019

How Uber, eBay and Pitney Bowes Built Principles-Based Global Privacy Programs

Oct. 16, 2019

How Much Cyber Insurance to Buy Based on How Claims Are Paid

Oct. 9, 2019

DOJ Spotlights Emerging Issues and Protection Strategies Around Business Email Compromise Attacks

Oct. 2, 2019

CCPA Close-Up: Review of Amendments and How to Prepare for Compliance

Sep. 25, 2019

Vulnerability Disclosure Policies: A Cost-Effective Best Practice for Cybersecurity

Sep. 18, 2019

Strategies and Tactics for Developing an Effective Tabletop Exercise (Part One of Two)

Sep. 11, 2019

Using “Red-Teaming” to Test and Improve Cyber Defenses

Aug. 21, 2019

Third-Party Data Breaches Highlight the Importance of Vetting Vendors in Compliance With GDPR and CCPA

Aug. 14, 2019

Capital One Breach Demonstrates Risk of Overlooking Vulnerabilities When Sending Data to the Cloud

Aug. 7, 2019

Report Shows Strategic Buy-In From Executive Leadership Is the Key Driver of Successful Risk Mitigation

Aug. 7, 2019

Lessons From SDNY Ruling on How to Preserve Privileged Communications With Attorney Consultants

Aug. 7, 2019

How Facebook’s $5-Billion FTC Settlement Is Shaping Compliance Expectations

Jul. 17, 2019

Maine Enacts Sweeping Broadband Customer Privacy Law

Jun. 26, 2019

Preparing for the Latest SEC Cyber Sweeps

Jun. 19, 2019

Tips From Lockheed and Groupon on Developing GC-CISO Partnerships to Improve Security and Incident Response

Jun. 12, 2019

Dos and Don’ts of Choosing a Cyber Insurance Broker and Navigating the Application Process

Jun. 12, 2019

CCPA Priorities: Tackling Data Subject Rights Requests and Vendors

May 29, 2019

FINRA RegTech Conference Examines Digital Identification, Suspicious Activity Reporting and Machine Learning

May 15, 2019

What Does It Mean to Be Technologically Competent?

May 8, 2019

Making the Case for Increased Privacy Budgets Using Data and Diplomacy

Apr. 17, 2019

GPEN Report Highlights Key Areas for Data Privacy Improvement

Apr. 17, 2019

Guidelines for Securing Effective Cyber Insurance Policy Terms

Apr. 3, 2019

FCA Evaluates Firms’ Cyber Resilience

Mar. 27, 2019

How Private Equity Firms Can Mitigate Portfolio Company Cybersecurity Risk

Mar. 27, 2019

Companies May Need to Re-Examine Approach to Breach Response Preparedness According to Experian Survey

Mar. 27, 2019

Navigating the Risks of Alternative Data Collection and Use

Mar. 20, 2019

Increased Post-Breach Discovery Turns Spotlight on Privilege

Mar. 13, 2019

Mitigating the Risks of Open-Source Software

Mar. 6, 2019

The NYDFS’ Cybersecurity Regulation’s Third-Party Requirement and Beyond

Mar. 6, 2019

Benefits and Risks of Open-Source Software and How the Financial Sector Is Using It

Feb. 27, 2019

Preparing for the CCPA: Securing Buy-In and Setting the Scope

Feb. 20, 2019

Fixing the Chinks in Companies’ Cyber Armor: Executives

Feb. 20, 2019

ACA Aponix-NSCP Cyber Survey Finds Growing Numbers of Security Incidents, Cloud Use and Regulatory Burdens

Feb. 20, 2019

Implications of the Illinois Supreme Court’s BIPA Holding Against Six Flags

Feb. 13, 2019

Practical Ways to Incorporate Security Protection Into Supplier Agreements

Feb. 13, 2019

FINRA Report Addresses Common Cybersecurity Risks and Recommends Mitigation Measures

Jan. 23, 2019

Illinois Federal Court Denies Standing in BIPA Claim Against Google

Jan. 16, 2019

How a New Ethics Rule and Error in Manafort Case Highlight the Importance of Lawyers’ Technology Competence

Jan. 16, 2019

GDPR Provides Model for Privacy and Security Laws in Latin America and Asia (Part Two of Two)

Jan. 9, 2019

GDPR Provides Model for Privacy and Security Laws in Latin America and Asia (Part One of Two)

Jan. 9, 2019

Ten Cyber and Privacy Resolutions for the New Year

Dec. 19, 2018

Ponemon Report Cites Third-Party Risk Management Shortfalls and Offers Best Practices

Dec. 12, 2018

Illinois Appellate Decision Creates Split on Standing to Sue Under BIPA

Dec. 12, 2018

Implications of a Dynamic Regulatory and Threat Environment on E.U. and U.S. Cyber Insurance Markets

Dec. 5, 2018

Tips from EY’s Forensics Team on Recognizing and Preventing BEC Attacks

Nov. 14, 2018

Negotiating SaaS Agreements

Nov. 7, 2018

How to Improve Risk Analysis in the Wake of the Anthem’s Record Settlement

Nov. 7, 2018

WhiteHat Report on the Software Lifecycle and Visa Bug Bounty Program Demonstrate the Need for Greater App Security

Oct. 24, 2018

The Hidden Requirements in NYDFS’ Cybersecurity Regulation

Oct. 17, 2018

Using Cyber Insurance to Mitigate Risk: Policy Management and Breach Response

Oct. 10, 2018

Lessons From the SEC’s First Red Flags Rule Settlement

Oct. 10, 2018

Using Cyber Insurance to Mitigate Risk: Getting Savvy About Cost and Policy Terms

Oct. 3, 2018

Using Cyber Insurance to Mitigate Risk: Finding an Insurer and Navigating the Application Process

Oct. 3, 2018

Lax Privacy Policies, Security Measures and Vendor Oversight Lead to FTC Settlement for Mobile Phone Manufacturer

Sep. 26, 2018

Five Takeaways From the Fiserv Wake-Up Call

Sep. 19, 2018

Measures for Resolving Business Disputes Over Data Privacy and Security

Sep. 19, 2018

Evolving Roles of Privacy and Security Professionals: Operationalizing Policies, Incident Response and Vendor Management

Sep. 12, 2018

Information Sharing in the Private Sector: Lessons From the Financial Services Industry

Sep. 5, 2018

How the GDPR Will Affect Private Funds’ Use of Alternative Data

Aug. 22, 2018

Protecting Against the Security Risks of Departing Employees

Aug. 22, 2018

A Fund Manager’s Roadmap to Big Data: Privacy Concerns, Third Parties and Drones

Aug. 15, 2018

Checklist Approach to Effective Third-Party Vendor Oversight

Aug. 8, 2018

Essential Cyber, Tech and Privacy M&A Due Diligence Considerations

Jul. 18, 2018

GDPR Essentials for the Financial Sector: Compliance Steps (Part Two of Three)

Jul. 18, 2018

Overcoming Barriers to Cross-Border Data Flows, Contract Provisions and Other Digital Transformation Issues

Jul. 11, 2018

GDPR Essentials for the Financial Sector: Benchmarking and Assessing the Risks (Part One of Three)

Jul. 11, 2018

Is Encryption Obligatory? HHS Upholds Texas Hospital $4.3M HIPAA Fine 

Jun. 27, 2018

How to Maintain Effective and Secure Long-Term Vendor Relationships: Finding and Addressing the Issues (Part Two of Two)

Jun. 20, 2018

How to Maintain Effective and Secure Long-Term Vendor Relationships: Understanding the Risks (Part One of Two)

Jun. 6, 2018

What Lawyers Need to Know About Security Technologies and Techniques (Part Two of Three)

Jun. 6, 2018

Analyzing New and Amended State Breach Notification Laws

May 30, 2018

Compliance 2.0: The Role of Data and Behavioral Science in Risk Management

May 30, 2018

Understanding the Intersection of Law and Artificial Intelligence

May 16, 2018

Countdown to GDPR Enforcement: Final Steps and Looking Ahead

May 16, 2018

How to Ensure GDPR-Compliant Third-Party Relationships

Apr. 25, 2018

Eight Steps for Protecting Trade Secrets Across Global Enterprises

Apr. 18, 2018

When and How Legal and Information Security Should Engage on Cyber Strategy: Vendors and M&A (Part Three of Three)

Apr. 11, 2018

When and How Legal and Information Security Should Engage on Cyber Strategy: Assessments and Incident Response (Part Two of Three)

Mar. 28, 2018

Evaluating Cybersecurity Coverage in Light of the GDPR

Mar. 28, 2018

Beware of False Friends: A Hedge Fund Manager’s Guide to Social Engineering Fraud

Mar. 28, 2018

When and How Legal and Information Security Should Engage on Cyber Strategy: It Starts With Governance (Part One of Three)

Mar. 14, 2018

Developing an Effective Third-Party Management Program

Mar. 14, 2018

How Will the GDPR Affect Due Diligence?

Feb. 28, 2018

Financial Firms Must Supervise Their IT Providers to Avoid CFTC Enforcement Action

Feb. 14, 2018

NY AG and HHS Flex Regulatory Muscles in Recent Protected Health Information Breach Settlements

Feb. 14, 2018

Biometric Data Protection Laws and Litigation Strategies (Part Two of Two)

Jan. 31, 2018

Biometric Data Protection Laws and Litigation Strategies (Part One of Two)

Jan. 31, 2018

How to Make Data Work for You: A Conversation With a Law Firm’s Chief Data Analytics Officer and Its CISO

Jan. 17, 2018

NIST Program Manager Explains Pending Changes to Its Cybersecurity Framework

Dec. 20, 2017

Effective M&A Contract Drafting and Internal Cyber Diligence and Disclosure

Dec. 6, 2017

How to Move Beyond a Checklist Approach to Third-Party Oversight

Dec. 6, 2017

Actions Under Biometric Privacy Laws Highlight Related Risks

Nov. 8, 2017

IBM Cybersecurity Counsel Offers Techniques for Speaking the Same Language as the C-Suite When Managing Cyber Risk

Nov. 8, 2017

How to Mitigate the Risks of Open-Source Software (Part Two of Two)

Oct. 25, 2017

How to Mitigate the Risks of Open-Source Software (Part One of Two)

Oct. 25, 2017

Advice From Recruiters on How to Attract the Best and Brightest Security and Privacy Leadership

Oct. 25, 2017

How to Outsource Vulnerability Assessments to Hackers

Oct. 11, 2017

Lessons From the Equifax Breach on How to Bolster Incident Response Planning (Part Two of Two)

Oct. 11, 2017

Practical and Ethical Data-Protection Steps for Law Firms

Oct. 11, 2017

How to Successfully Incorporate the Role of the Chief Technology Officer

Oct. 11, 2017

FTC Launches Stick With Security Series, Adding Detail and Guidance to Its Start With Security Guide (Part Two of Two)

Sep. 27, 2017

FTC Settlements in Privacy Shield Cases and With Lenovo Over Use of “Man-in-the-Middle” Software Highlight Vigorous Enforcement Efforts

Sep. 27, 2017

Audit of Websites’ Security, Privacy and Consumer Practices Reveals Deficiencies Despite Overall Progress

Sep. 27, 2017

Lessons From the Equifax Breach on How to Bolster Incident Response Planning (Part One of Two)

Sep. 13, 2017

Negotiating an Effective Cloud Service Agreement

Sep. 13, 2017

Unlocking Encryption: An Attorney Weighs in on Balancing Security and Practicality (Part Three of Three)

Aug. 23, 2017

Inside Advice on the Growing Cyber Insurance Market for the Financial Sector

Aug. 23, 2017

Unlocking Encryption: A CISO’s Perspective on Encryption As Only One Strategy (Part Two of Three)

Aug. 9, 2017

Unlocking Encryption: A Consultant’s View on Navigating Encryption Options and Persuading Reluctant Organizations (Part One of Three)

Aug. 9, 2017

Identifying and Managing Third-Party Cybersecurity Risks for Asset Managers

Aug. 9, 2017

How to Make an Informed Policy Selection in the Dynamic Cyber Insurance Market

Aug. 9, 2017

Overcoming the Challenges and Reaping the Benefits of Multi-Factor Authentication in the Financial Sector (Part Two of Two)

Jun. 3, 2015

Navigating Data Breaches and Regulatory Compliance for Employee Benefit Plans

Jul. 26, 2017

Overcoming the Challenges and Reaping the Benefits of Multi-Factor Authentication in the Financial Sector (Part One of Two)

Jul. 12, 2017

How Small Businesses Can Maximize Cybersecurity Protections and Prioritize Their Spending

Jun. 28, 2017

Cyber Crisis Communication Plans: What Works and What to Avoid (Part Two of Two)

Jun. 14, 2017

Are New York’s Cyber Regulations a “Game Changer” for Hedge Fund Managers?

Jun. 14, 2017

Navigating the Evolving Cyber Insurance Market

Jun. 14, 2017

How Internal Audit Can Improve Cybersecurity 

May 31, 2017

Defending Against the Rising Threat of Ransomware in the Wake of WannaCry

May 31, 2017

Using Big Data Legally and Ethically While Leveraging Its Value (Part Two of Two)

May 31, 2017

One Year Until GDPR Enforcement: Five Steps Companies Should Take Now

May 31, 2017

Advice on Incorporating Cybersecurity in eDiscovery

May 17, 2017

Tracking Data and Maximizing Its Potential

May 17, 2017

Investigative Realities: Working Effectively With Forensic Firms (Part Two of Two)

May 17, 2017

Using Big Data Legally and Ethically While Leveraging Its Value (Part One of Two)

May 3, 2017

Infrastructure Cybersecurity Challenges: A View Through the Oil and Gas Pipeline Lens

May 3, 2017

Investigative Realities: Working Effectively With Forensic Firms (Part One of Two)

Apr. 19, 2017

How to Ensure Cyber Risks Do Not Derail an IPO

Apr. 19, 2017

Effective and Compliant Employee Monitoring (Part Two of Two)

Apr. 19, 2017

What In-House and Outside Counsel Need to Know About ACC’s First Model Cybersecurity Practices for Law Firms

Apr. 5, 2017

Multimillion-Dollar Scheme Serves As Backdrop for Lessons on Preventing and Mitigating Phishing Attacks

Apr. 5, 2017

Effective and Compliant Employee Monitoring (Part One of Two) 

Apr. 5, 2017

Proactive Steps to Prevent Legal Pitfalls in Bug Bounty Programs 

Mar. 22, 2017

Assessing Regulatory Responsibility When Reporting Postmarket Cybersecurity “Corrections” to the FDA

Mar. 22, 2017

How to Establish and Manage a Successful Bug Bounty Program 

Mar. 22, 2017

Forensic Firms: Effective Vetting and Collaboration (Part Three of Three)

Mar. 8, 2017

A Real-Life Scenario Offers Lessons on How to Handle a Breach From the Inside

Mar. 8, 2017

Forensic Firms: Key Contract Considerations and Terms (Part Two of Three)

Feb. 22, 2017

Forensic Firms: Understanding and Leveraging Their Expertise From the Start (Part One of Three)

Feb. 8, 2017

How Fund Managers Can Prepare for Investor Cybersecurity Due Diligence 

Jan. 25, 2017

FTC Data Security Enforcement Year-In-Review: Do We Know What “Reasonable” Security Is Yet?

Jan. 11, 2017

Ten Cybersecurity Priorities for 2017

Dec. 14, 2016

Considerations for Managing Cybersecurity and Privacy Risk in Outsourcing Contracts

Dec. 14, 2016

Presidential Commission Recommends Ways For Public and Private Sectors to Improve Cybersecurity 

Nov. 30, 2016

Attorney-Consultant Privilege? Structuring and Implementing the Kovel Arrangement (Part Two of Two)

Nov. 30, 2016

Exploring the New Frontier of International Regulations on Importing and Exporting Encryption Technology

Nov. 30, 2016

New NIST and DHS IoT Guidance Signal Regulatory Growth 

Nov. 30, 2016

Using a Risk Assessment as a Critical Component of a Robust Cybersecurity Program (Part Two of Two)

Nov. 30, 2016

Tech Meets Legal Spotlight: What to Do When IT and Legal Slow the Retention of a Third-Party Vendor

Nov. 16, 2016

Increasing Role of Counsel Among Operational Shifts Highlighted by Cyber Risk Management Survey

Nov. 16, 2016

Attorney-Consultant Privilege? Key Considerations for Invoking the Kovel Doctrine (Part One of Two)

Nov. 16, 2016

WilmerHale Attorneys Explain the Evolving Cybersecurity Environment of the Energy Sector

Nov. 16, 2016

Using a Risk Assessment as a Critical Component of a Robust Cybersecurity Program (Part One of Two)

Nov. 2, 2016

FBI Veteran Discusses Using Law Enforcement’s Cyber Resources to Improve Security and Obtain Board Buy-In

Nov. 2, 2016

How to Protect Against Weaponized Devices in Light of the Massive Denial-of-Service Attack

Nov. 2, 2016

Advice From Blackstone and Tiffany CISOs on Fighting Cybercrime

Nov. 2, 2016

Demystifying the FTC’s Reasonableness Requirement in the Context of the NIST Cybersecurity Framework (Part Two of Two)

Nov. 2, 2016

Guide to Getting Your Security Program Certified Under ISO 27001

Oct. 5, 2016

Examining Newly Released Privacy and Security Guidance for the Fast-Driving Development of Autonomous Cars

Oct. 19, 2016

Taking Action to Refocus on Security: Conversation With a CIO 

Oct. 19, 2016

Demystifying the FTC’s Reasonableness Requirement in the Context of the NIST Cybersecurity Framework (Part One of Two)

Oct. 19, 2016

How the Financial Services Industry Can Handle Cybersecurity Threats, Acquisition Diligence and Breach Response

Oct. 19, 2016

Privacy Leaders Share Key Considerations for Incorporating a Privacy Policy in the Corporate Culture 

Oct. 5, 2016

Essential Cyber Due Diligence Considerations in M&A Deals Raised by Yahoo Breach

Oct. 5, 2016

ISAO Organization Releases a Roadmap to Cyber Threat Information Sharing 

Sep. 21, 2016

What Private Companies Can Learn From the OPM Data Breaches

Sep. 21, 2016

Staying Cybersecure Without Mobile Device Management

Sep. 21, 2016

Learning How to Pick the Best Policy from Cyber Insurance Cases (Part Two of Two)

Sep. 7, 2016

Navigating Online Identity Management’s Risks and Regulations

Sep. 7, 2016

Understanding Data Privacy and Cybersecurity in China (Part One of Two)

Sep. 7, 2016

What Cyber Insurance Cases Teach About Picking the Best Policy (Part One of Two)

Sep. 7, 2016

Using Information Sharing to Combat Cyber Crime While Protecting Privacy 

Aug. 24, 2016

Cybersecurity Due Diligence in M&A Is No Longer Optional

Aug. 24, 2016

Fulfilling the Ethical Duty of Technology Competence for Attorneys

Aug. 3, 2016

Procedures for Hedge Fund Managers to Safeguard Trade Secrets From Rogue Employees 

Aug. 3, 2016

Key Post-Breach Shareholder Litigation, Disclosure and Insurance Selection Considerations

Jul. 20, 2016

How the Financial Services Industry Can Manage Cyber Risk

Jul. 20, 2016

Using Data Analytics to Combat Internal Cyber Threats

Jul. 6, 2016

Technology Leader Discusses How to Deal With the Growing Threat of Ransomware 

Jul. 6, 2016

Mitigating Cyber Risk in M&A Deals and Third-Party Relationships

Jul. 6, 2016

Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part Two of Two)

Jul. 6, 2016

Understanding the Far-Reaching Impact of Chinese State Secrets Laws on Data Flow 

Jun. 22, 2016

Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part One of Two)

Jun. 22, 2016

Cyber Insurance Challenges Highlighted by Court’s Denial of P.F. Chang’s Claim

Jun. 22, 2016

Assistant Attorney General Leslie Caldwell Addresses the Challenges of Cross-Border Cooperation and Electronic Evidence Gathering

Jun. 8, 2016

Minimizing Class Action Risk in Breach Response

Jun. 8, 2016

Vendor Cyber Risk Management: 14 Key Contract Terms (Part Two of Two)

Jun. 8, 2016

Foreign Business Chambers Sign Open Letter Against Chinese Cybersecurity Regulatory Changes

Jun. 8, 2016

How Financial Service Providers Can Use Cyber Insurance to Mitigate Risk

May 25, 2016

Do You Know Where Your Employees Are? Tackling the Privacy and Security Challenges of Remote Working Arrangements

May 25, 2016

A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: Does Your Plan Work? (Part Three of Three)

May 25, 2016

Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks

May 25, 2016

Vendor Cyber Risk Management: Nine Due Diligence Questions (Part One of Two)

May 11, 2016

Google, CVS and the FBI Share Advice on Interacting With Law Enforcement After a Breach

May 11, 2016

A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: Seven Key Components (Part Two of Three)

Apr. 27, 2016

Regulators Speak Candidly About Cybersecurity Trends, Priorities and Coordination

Apr. 27, 2016

Don’t Overlook Commercial General Liability Insurance to Defend a Data Breach

Apr. 27, 2016

A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: From Data Mapping to Evaluation (Part One of Three)

Apr. 13, 2016

Study Analyzes How Companies Can Overcome Cybersecurity Challenges and Create Business Value

Apr. 13, 2016

A Look Inside the Cybersecurity and Privacy Law Department of a Top Defense Company

Mar. 30, 2016

How Law Firms Should Strengthen Cybersecurity to Protect Themselves and Their Clients

Mar. 30, 2016

Steps for Companies to Take This Week, This Month and This Year to Meet the Challenges of International Cyberspace Governance

Mar. 16, 2016

CSIS’ James Lewis Discusses Balancing Law Enforcement and Privacy

Mar. 16, 2016

Designing, Implementing and Assessing an Effective Employee Cybersecurity Training Program (Part Three of Three)

Mar. 2, 2016

How the American Energy Industry Approaches Security and Emphasizes Information Sharing

Feb. 17, 2016

Cybersecurity Preparedness Is Now a Business Requirement

Jan. 20, 2016

Defining, Documenting and Measuring Compliance Program Effectiveness

Jan. 6, 2016

Opportunities and Challenges of the Long-Awaited Cybersecurity Act of 2015

Jan. 6, 2016

How the Financial Services Sector Can Meet the Cybersecurity Challenge: A Plan for Building a Cyber-Compliance Program (Part Two of Two)

Dec. 9, 2015

Building a Strong Cyber Insurance Policy to Weather the Potential Storm (Part Two of Two)

Dec. 9, 2015

The Multifaceted Role of In-House Counsel in Cybersecurity 

Dec. 9, 2015

Avoiding Privacy Pitfalls While Using Social Media for Internal Investigations

Nov. 25, 2015

How to Protect Intellectual Property and Confidential Information in the Supply Chain

Nov. 25, 2015

Implementing an Effective Cloud Service Provider Compliance Program

Nov. 25, 2015

Proactive Steps to Protect Your Company in Anticipation of Future Data Security Litigation (Part One of Two)

Nov. 25, 2015

Building a Strong Cyber Insurance Policy to Weather the Potential Storm (Part One of Two)

Nov. 11, 2015

How to Reduce Cybersecurity Risks of Bring Your Own Device Policies (Part Two of Two)

Nov. 11, 2015

What Companies Can Learn from Cybersecurity Resources in Pittsburgh

Oct. 28, 2015

Mastercard and U.S. Bancorp Execs Share Tips for Awareness and Prevention of Mushrooming Cyber Risk (Part Two of Two)

Oct. 28, 2015

Transferring Risk Through the Right Cyber Insurance Coverage

Oct. 28, 2015

Orrick Attorneys Explain California’s New Specific Standards for Breach Notification

Oct. 14, 2015

How to Reduce the Cybersecurity Risks of Bring Your Own Device Policies (Part One of Two)

Oct. 14, 2015

Mastercard and U.S. Bancorp Execs Share Tips for Awareness and Prevention of Mushrooming Cyber Risk (Part One of Two)

Oct. 14, 2015

Energy Industry Demonstrates Public-Private Cybersecurity Coordination

Sep. 30, 2015

Protecting the Crown Jewels Using People, Processes and Technology 

Sep. 30, 2015

Protecting and Enforcing Trade Secrets in a Digital World

Sep. 30, 2015

Learning from the Target Data Breach About Effective Third-Party Risk Management (Part Two of Two)

Sep. 16, 2015

How the Legal Industry Is Sharing Information to Combat Cyber Threats

Sep. 16, 2015

Learning from the Target Data Breach About Effective Third-Party Risk Management  (Part One of Two)

Aug. 12, 2015

How the Hospitality Industry Confronts Cybersecurity Threats that Never Take Vacations

Aug. 12, 2015

Surveys Find Internal and Third-Party Cybersecurity Risks Among Top Executive Concerns

Jul. 29, 2015

How to Prevent and Manage Ransomware Attacks (Part Two of Two)

Jul. 15, 2015

Conflicting Views of Safety, Vulnerability and Privacy Fuel Encryption Debate

Jul. 1, 2015

SEC Commissioner Says Public-Private Partnership Is Key to Effective Cybersecurity

Jul. 1, 2015

Cybersecurity and Information Governance Considerations in Mergers and Acquisitions

Jul. 1, 2015

Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part Two of Two)

Jun. 17, 2015

Sample Questions for Companies to Ask to Assess Their Law Firms’ Cybersecurity Environment

Jun. 17, 2015

Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors

Jun. 17, 2015

In a Candid Conversation, FBI Director James Comey Discusses Cooperation among Domestic and International Cybersecurity Law Enforcement Communities (Part Two of Two)

Jun. 3, 2015

Understanding and Addressing Cybersecurity Vulnerabilities at Law Firms: Strategies for Vendors, Lawyers and Clients

Jun. 3, 2015

In a Candid Conversation, FBI Director James Comey Talks About the “Evil Layer Cake” of Cybersecurity Threats (Part One of Two)

Jun. 3, 2015

Private and Public Sector Perspectives on Producing Data to the Government

May 20, 2015

Analyzing and Mitigating Cybersecurity Risks to Investment Managers (Part Two of Two)

May 20, 2015

Weil Gotshal Attorneys Advise on Key Ways to Anticipate and Counter Cyber Threats

May 20, 2015

DOJ Encourages Cyber Incident Reporting and Advance Planning with Best Practices Guidance

Apr. 22, 2015

Debunking Cybersecurity Myths and Setting Program Goals for the Financial Services Industry

Apr. 22, 2015

Designing and Implementing a Three-Step Cybersecurity Framework for Assessing and Vetting Third Parties (Part Two of Two)

Apr. 22, 2015

FCC Makes Its Mark on Cybersecurity Enforcement with Record Data Breach Settlement

Apr. 22, 2015

Analyzing the Cyber Insurance Market, Choosing the Right Policy and Avoiding Policy Traps

Apr. 22, 2015

Shifting to Holistic Information Governance and Managing Information as an Asset

Apr. 8, 2015

Strategies for Preventing and Handling Cybersecurity Threats from Employees

Apr. 8, 2015

How Can a Company Mitigate Cyber Risk with Cross-Departmental Decisionmaking?

Apr. 8, 2015

Ten Actions for Effective Data Risk Management

Apr. 8, 2015

Designing and Implementing a Three-Step Cybersecurity Framework for Assessing and Vetting Third Parties (Part One of Two)

Mar. 22, 2023

Cyber Risks in Aviation: Navigating Turbulent Skies Ahead

Mar. 8, 2023

Best Practices to Combat Surge of Unwanted Data Scraping

Mar. 1, 2023

Navigating the Interplay of Cyber Insurance With Other Potential Coverage

Feb. 22, 2023

Lessons From the Multinational Takedown of Hive Ransomware: Coordination and Defensive Priorities

Feb. 15, 2023

Impact of Emerging Technologies on Financial Crime Risk Management

Feb. 15, 2023

Lessons From the Multinational Takedown of Hive Ransomware: A Broad Impact

Feb. 8, 2023

Data Breaches and the Private Credit Market: Post-Breach Considerations

Feb. 1, 2023

Data Breaches and the Private Credit Market: Assessing Borrower Cyber Preparedness

Jan. 11, 2023

A Ransomware Tabletop’s 360-Degree Incident Response View: Day Five Through Post-Mortem

Jan. 4, 2023

A Ransomware Tabletop’s 360-Degree Incident Response View: Days One to Four

Dec. 7, 2022

Checklist for Preserving Privilege of Forensic Analyses Post Breach

Nov. 16, 2022

Ransomware Evolution: Government Efforts and Cyber Insurance

Nov. 9, 2022

Ransomware Evolution: Growing Threats and Response Considerations

Nov. 9, 2022

Lessons From the Conviction of Uber’s Former CISO

Oct. 26, 2022

Navigating the Interplay of Breach Response and Breach Notification

Oct. 19, 2022

A New Era of Cyber Incident Reporting and Cybersecurity Regulation: How Companies Should Prepare and Engage

Oct. 19, 2022

Held to Ransom: How Cyberattacks Can Become a Legal and Regulatory Odyssey for a Private Investment Fund

Oct. 12, 2022

A New Era of Cyber Incident Reporting and Cybersecurity Regulation: Key Provisions

Sep. 21, 2022

Held to Ransom: How Cyberattacks Can Become a Legal and Regulatory Odyssey for a Private Investment Fund

Sep. 07, 2022

Four Steps to Secure Open-Source Software After CSRB’s Log4j Investigation

Sep. 07, 2022

Cyber Crisis Communications – “No Comment” Is Not an Option

Aug. 17, 2022

Understanding and Implementing DoD’s Cybersecurity Requirements

Aug. 10, 2022

Protecting Against Crypto Theft

Aug. 10, 2022

SEC Cyber Rules: How to Prepare for the New 8-K Incident Mandate

Aug. 3, 2022

How to Prepare for the Cybersecurity Incident Reporting for Critical Infrastructure Act

Jul. 27, 2022

A Checklist to Help Fund Managers Assess Their Cybersecurity Programs

Jul. 20, 2022

Looking Back on the Breach: Fundamentals of Preserving Privilege of Forensic Analyses in the Wake of a Data Breach

Jun. 29, 2022

Lessons From CISA for In-House Counsel on Mitigating and Managing MSP Breach Threats

Jun. 29, 2022

Navigating the Intersection of Digital Assets and AML

Jun. 8, 2022

Revised DOJ Guidance Clarifies Liability Protections for Good-Faith Security Research

May 25, 2022

Ransomware and Sanctions in the Time of War

Apr. 6, 2022

How to Measure Whether Your Company Is Ready to Catch Lots of Phish

Apr. 6, 2022

How Colonial Pipeline Changed Advice on Ransomware Preparation and Response

Mar. 30, 2022

Drafting Data and Cybersecurity Provisions in Third-Party Vendor Agreements

Mar. 30, 2022

As Email Scams Surge, Training Lessons From 115 Million Phishing Messages

Mar. 23, 2022

Implications of DOJ’s Pursuit of the Crypto-Laundering Couple

Mar. 9, 2022

Securing Emerging Technologies Without Hampering Innovation: Private Sector Challenges

Mar. 2, 2022

Prioritizing Public-Private Partnerships in an Increasingly Complex Regulatory Environment

Jan. 26, 2022

Lessons From SolarWinds

Jan. 12, 2022

Cybersecurity Resolutions for 2022

Jan. 12, 2022

Ten Tips to Prepare for and Navigate Ransomware Decisions

Dec. 15, 2021

To Pay or Not to Pay? Empirical Studies Show Keys to Ransomware Decisions

Dec. 01, 2021

Former SDNY Complex Frauds and Cybercrime Unit Co-Chief Discusses Prosecution Trends and Takeaways

Nov. 10, 2021

Cyber Insurance Litigation Trends Amid Rising Ransomware Attacks

Oct. 27, 2021

IOSCO Issues Final Guidance on AI and Machine Learning

Oct. 13, 2021

New Pressures Shift Best Practices for Ransomware Crisis Communications

Sep. 29, 2021

Value of Sponsors Implementing Portfolio Monitoring Models for ESG and Cybersecurity Issues

Aug. 18, 2021

A Look Inside Businesses’ Private Disputes Over Ransomware Costs

Aug. 4, 2021

CISA and Chamber of Commerce Officials Discuss Cyber Essentials’ Six Pillars for Small Businesses

Jul. 28, 2021

Incident Response in the Financial Services Industry

Jul. 21, 2021

Understanding Common Hacking Techniques and Forensic Analysis

Jun. 23, 2021

How the NYDFS Drives Cybersecurity in the Financial Services Industry

Jun. 9, 2021

State AGs Share Breach Notification Tips and Latest Enforcement Concerns

Jun. 9, 2021

To “Cure” or Not to “Cure,” That Is the Question

May 26, 2021

Task Force Leader Addresses Proposed Mandatory Reporting of Ransomware Payments

May 26, 2021

CISA and DHS Counsel Explain Cybersecurity Executive Order’s Key Provisions

May 19, 2021

Task Force Leader Discusses How to Beat Ransomware in a Year

May 12, 2021

How Law Firms Can Prevent, Detect, and Respond to Ransomware Attacks

May 5, 2021

Two Settlements Show NYDFS’ Hidden Power to Use Other States’ Breach Laws

Apr. 28, 2021

Implementing NSA-CISA-FBI Advisory Mitigation Tactics for Vulnerabilities Exploited by Russia

Feb. 17, 2021

Wray Highlights Benefits of FBI Coordination With Public and Private Sectors

Feb. 17, 2021

A Fake Zoom Invite Hack: Eight More Lessons

Feb. 10, 2021

What the New Information Security Reporting Standards Mean for Financial Institutions 

Feb. 10, 2021

A Fake Zoom Invite Hack: What Happened and Three Lessons

Feb. 3, 2021

Expect Continuing Regulatory Focus on Cybersecurity and Data Protection in 2021

Feb. 3, 2021

How to Prevent and Handle Disputes Over Ransomware Insurance Claims

Jan. 20, 2021

Disputed Twitter Fine Offers Breach Response Lessons

Jan. 13, 2021

Cybersecurity Resolutions for 2021

Jan. 13, 2021

Checklist for IoT Security Audits

Jan. 6, 2021

Privacy and Security Risks in International Arbitration: Managing Remote Proceedings

Dec. 16, 2020

Privacy and Security Risks in International Arbitration: Threats and the Information Security Protocol

Dec. 16, 2020

How Will the Biden Administration’s Approach to Cybersecurity Impact the Private Sector?

Nov. 4, 2020

Comparing U.S. and E.U. Approaches to Incident Response and Breach Notification

Nov. 4, 2020

A Guided Tour of Enterprise IoT Device Hazards

Oct. 28, 2020

Ten Tips for Fighting Breaches Like Fires

Oct. 21, 2020

Steps to Take After OFAC and FinCEN’s Warnings on Ransomware Payoffs

Oct. 21, 2020

Senior Commerce Official Discusses Supply Chain Security and Cyber Policy

Oct. 14, 2020

Vulnerability Management: What You Don’t Know From Your External Scans Can Be Used Against You

Oct. 7, 2020

How to Address Intensifying Enterprise IoT Security Risks

Sep. 30, 2020

Learning From the “Holes” in Dunkin’s Security to Mitigate Brute-Force Attacks

Sep. 30, 2020

Should Victims of State-Sponsored Hacking Be Liable for Personal Data Breaches?

Sep. 23, 2020

Identifying and Preventing Ransomware Attacks

Sep. 16, 2020

How Can Your Firm Avoid Being the Next Target of a Cultural Engineering Attack?

Sep. 16, 2020

Twelve Steps for Engaging the Board of Directors and Implementing a Long-Term Cybersecurity Plan

Sep. 9, 2020

Action Steps to Respond to Ransomware Attacks

Sep. 2, 2020

Understanding and Evaluating Cyber Insurance in an Evolving Market

Aug. 12, 2020

Six Compliance Lessons From NYDFS’ First Cybersecurity Regulation Enforcement Action

Jun. 10, 2020

After Capital One Ruling, How Will Companies Protect Forensic Reports?

Jun. 3, 2020

How CISOs Can Use Digital Asset Metrics to Tell a Coherent Cyber Story to the Board

Jun. 3, 2020

Re-Evaluating Cybersecurity in the Remote Work Environment

May 13, 2020

Setting Your Company Up to Win Cyber Insurance Battles

May 6, 2020

Managing Ransomware’s Mutation Into a Public Data Breach

Apr. 29, 2020

Understanding Insider Trading Based on Data Breaches Amidst Heightened Regulatory Scrutiny

Apr. 29, 2020

What Is the Potential Liability for Zoombombing, and How Safe Are Zoom Alternatives?

Apr. 22, 2020

How Is COVID-19 Affecting Cybersecurity Risk, Readiness, Reporting and NYDFS Enforcement?

Apr. 15, 2020

Six Ways to Be Prepared for the SEC’s Focus on Cybersecurity and Resiliency

Apr. 15, 2020

Takeaways From Former FTC Officials on 2019 Enforcement Actions: Data Security Guidance and Enforcement Predictions

Apr. 8, 2020

Wide-Ranging Lessons From Notable Breaches in Q1

Apr. 8, 2020

DOJ Guidance on How Companies Should Pursue Stolen Data on the Dark Web

Apr. 1, 2020

When Do Force Majeure Clauses Excuse Performance?

Apr. 1, 2020

Investigation Strategies During Social Distancing

Mar. 25, 2020

Are Companies Turning a Blind Eye to Their Lost Data on the Dark Web?

Mar. 25, 2020

Companywide Work From Home: Six Cybersecurity Considerations

Mar. 11, 2020

NIST’s New IoT Standard: Inspiring a Wave of New Device Security Guidance

Mar. 4, 2020

NIST’s New IoT Standard: Boosting Security As States Launch Laws

Feb. 26, 2020

Tips From Ponemon/Experian Survey on Building an Incident Response Plan That Fosters Confidence

Feb. 19, 2020

Preparing for and Responding to Ransomware Attacks

Jan. 29, 2020

Establishing a Foundation for Breach-Notification Compliance in a Sea of Privacy Laws

Jan. 22, 2020

Managing Legal Risks to U.S. Companies From Foreign Cyberattacks

Jan. 15, 2020

When Does Social Engineering Fraud Qualify for Insurance Coverage?

Dec. 18, 2019

Not Just the GDPR: Privacy Laws in Belarus, Russia, Switzerland, Turkey and Ukraine

Dec. 11, 2019

Not Just GDPR: Examining the Other European Privacy Laws 

Dec. 4, 2019

U.K. and U.S. Sign First E-Evidence Pact Under the CLOUD Act: A Look at the Privacy Protections

Nov. 20, 2019

U.K. and U.S. Sign First E-Evidence Pact Under the CLOUD Act: Fewer Hurdles, More Clarity and New Questions

Oct. 23, 2019

CFTC Issues $1.5-Million Fine After Phishing Attack

Oct. 9, 2019

DOJ Spotlights Emerging Issues and Protection Strategies Around Business Email Compromise Attacks

Oct. 2, 2019

Preserving Customer Goodwill After a Breach

Sep. 25, 2019

Vulnerability Disclosure Policies: A Cost-Effective Best Practice for Cybersecurity

Sep. 25, 2019

Strategies and Tactics for Conducting an Effective Tabletop Exercise (Part Two of Two)

Sep. 18, 2019

Strategies and Tactics for Developing an Effective Tabletop Exercise (Part One of Two)

Sep. 11, 2019

Using “Red-Teaming” to Test and Improve Cyber Defenses

Sep. 11, 2019

New York’s New Cybersecurity Standards: Expanding Definitions and Requirements

Aug. 14, 2019

Report Weighs In on Understanding and Mitigating Rising Data Breach Costs

Jul. 31, 2019

Learning From the Equifax Settlement

Jul. 17, 2019

How to Establish an Efficient Incident Response Plan

Jun. 12, 2019

There Really Isn’t a Quarterback: Uber and Equifax Executives Share Insights on Incident Response Best Practices and the Lawyer’s Role

Jun. 12, 2019

Dos and Don’ts of Choosing a Cyber Insurance Broker and Navigating the Application Process

Jun. 5, 2019

Irish Data Protection Commissioner Helen Dixon on Breach Notification, the Role of the DPO and a U.S. Privacy Law

May 29, 2019

Keeping CISOs and the C-Suite Off the Witness Stand

May 22, 2019

Social Engineering, Attacks on Cloud-Based Email on the Rise, Verizon Data Breach Report Finds

May 22, 2019

Deputy Assistant Attorney General Seeks to Dispel CLOUD Act Misunderstandings One Year In

Apr. 17, 2019

Guidelines for Securing Effective Cyber Insurance Policy Terms

Apr. 17, 2019

GPEN Report Highlights Key Areas for Data Privacy Improvement

Mar. 27, 2019

Companies May Need to Re-Examine Approach to Breach Response Preparedness According to Experian Survey

Mar. 20, 2019

Increased Post-Breach Discovery Turns Spotlight on Privilege

Feb. 20, 2019

Fixing the Chinks in Companies’ Cyber Armor: Executives

Feb. 20, 2019

ACA Aponix-NSCP Cyber Survey Finds Growing Numbers of Security Incidents, Cloud Use and Regulatory Burdens

Feb. 13, 2019

Reducing Risk in the Dawn of Equifax and Other Cyber-Related Securities Fraud Class Actions

Feb. 6, 2019

The New Normal: Easier Data Breach Standing Is Here to Stay

Jan. 23, 2019

Massachusetts Breach Notification Law 2.0: More Protections for Consumers, More Requirements for Businesses

Jan. 16, 2019

GDPR Provides Model for Privacy and Security Laws in Latin America and Asia (Part Two of Two)

Jan. 16, 2019

Key Cyber Threats and Targets for 2019

Jan. 9, 2019

GDPR Provides Model for Privacy and Security Laws in Latin America and Asia (Part One of Two)

Jan. 9, 2019

Ten Cyber and Privacy Resolutions for the New Year

Dec. 19, 2018

Interim Response Lessons From the Marriott Breach

Dec. 19, 2018

Ten Steps for Effective Crisis Communications

Dec. 5, 2018

Tips from EY’s Forensics Team on Recognizing and Preventing BEC Attacks

Nov. 14, 2018

A Roadmap to Preparing for and Managing a Cyber Investigation

Oct. 31, 2018

How to Comply With Canada’s New Privacy Breach Reporting and Record-Keeping Rules

Oct. 17, 2018

Using Cyber Insurance to Mitigate Risk: Policy Management and Breach Response

Sep. 26, 2018

Five Takeaways From the Fiserv Wake-Up Call

Sep. 19, 2018

Evolving Roles of Privacy and Security Professionals: Operationalizing Policies, Incident Response and Vendor Management

Sep. 12, 2018

Colorado’s Revised Cybersecurity Law Clarifies and Strengthens Existing Requirements

Jul. 25, 2018

Companies Face Increasing Cost of a Data Breach and an Inability to Detect Incidents Promptly, Surveys Show

Jul. 25, 2018

Implications of the Supreme Court’s Carpenter Decision on the Treatment of Cellphone Location Records

Jul. 11, 2018

Ransomware Lessons From the Trenches of the MedStar Attack

Jun. 20, 2018

Managing Cyber Investigations: A CISO and In-House Counsel Discuss Best Practices for Real-Life Scenarios

Jun. 6, 2018

Analyzing New and Amended State Breach Notification Laws

Apr. 25, 2018

Pillars of Effective Breach Detection, Response and Remediation

Apr. 18, 2018

Ten Common Post-Breach Public Relations Failures and How to Avoid Them

Apr. 18, 2018

Guidance and Clarification on Asia’s Evolving Cybersecurity and Data Protection Laws

Apr. 18, 2018

When and How Legal and Information Security Should Engage on Cyber Strategy: Vendors and M&A (Part Three of Three)

Apr. 11, 2018

When and How Legal and Information Security Should Engage on Cyber Strategy: Assessments and Incident Response (Part Two of Three)

Mar. 28, 2018

Beware of False Friends: A Hedge Fund Manager’s Guide to Social Engineering Fraud

Mar. 28, 2018

Singapore Focuses on Critical Infrastructure With New Cybersecurity Law

Mar. 14, 2018

Identifying and Preparing for Ransomware Threats (Part Two of Two)

Mar. 14, 2018

Understanding Australia’s Strengthened Breach Notification Scheme

Feb. 28, 2018

Identifying and Preparing for Ransomware Threats (Part One of Two)

Feb. 28, 2018

Financial Firms Must Supervise Their IT Providers to Avoid CFTC Enforcement Action

Feb. 14, 2018

NY AG and HHS Flex Regulatory Muscles in Recent Protected Health Information Breach Settlements

Jan. 17, 2018

NIST Program Manager Explains Pending Changes to Its Cybersecurity Framework

Jan. 17, 2018

A Practical Look at the GDPR’s Data Breach Notification Provision 

Dec. 20, 2017

SEC Takes Aggressive Action Against Allegedly Fraudulent ICO

Oct. 11, 2017

Lessons From the Equifax Breach on How to Bolster Incident Response Planning (Part Two of Two)

Sep. 27, 2017

Lessons From the Equifax Breach on How to Bolster Incident Response Planning (Part One of Two)

Aug. 23, 2017

Unlocking Encryption: A CISO’s Perspective on Encryption As Only One Strategy (Part Two of Three)

Aug. 9, 2017

What the Financial Sector Should Know to Recognize and Combat Cyber Threats (Part Two of Two)

Jun. 3, 2015

Navigating Data Breaches and Regulatory Compliance for Employee Benefit Plans

Jul. 26, 2017

International Law Playing Cybersecurity Catch-Up (Part Two of Two)

Jul. 26, 2017

What the Financial Industry Should Know to Recognize and Combat Cyber Threats (Part One of Two)

Jul. 12, 2017

A Discussion With eHarmony’s GC About the Role of In-House Counsel in Cybersecurity

Jul. 12, 2017

How Small Businesses Can Maximize Cybersecurity Protections and Prioritize Their Spending

Jul. 12, 2017

International Law Playing Cybersecurity Catch-Up (Part One of Two) 

Jun. 28, 2017

Three Takeaways From Congress’s Cross-Border Data Hearings

Jun. 28, 2017

Cyber Crisis Communication Plans: What Works and What to Avoid (Part Two of Two)

Jun. 14, 2017

Cyber Crisis Communication Plans: What Works and What to Avoid (Part One of Two)

May 31, 2017

Reacting Quickly With a Nimble Incident Response Plan

May 31, 2017

Defending Against the Rising Threat of Ransomware in the Wake of WannaCry

May 17, 2017

Investigative Realities: Working Effectively With Forensic Firms (Part Two of Two)

May 17, 2017

Executive Order on Cybersecurity Signed Amidst Massive Worldwide Ransomware Attack

May 3, 2017

Investigative Realities: Working Effectively With Forensic Firms (Part One of Two)

May 3, 2017

Infrastructure Cybersecurity Challenges: A View Through the Oil and Gas Pipeline Lens

Apr. 19, 2017

Goodbye to the Blame Game: Forging the Connection Between Companies and Law Enforcement in Incident Response

Apr. 5, 2017

Data Preservation and Collection During a Government Data Breach Investigation 

Apr. 5, 2017

Multimillion-Dollar Scheme Serves As Backdrop for Lessons on Preventing and Mitigating Phishing Attacks

Mar. 22, 2017

Forensic Firms: Effective Vetting and Collaboration (Part Three of Three)

Mar. 8, 2017

A Real-Life Scenario Offers Lessons on How to Handle a Breach From the Inside

Mar. 8, 2017

Defense and Plaintiff Perspectives on How to Survive Data Privacy Collateral Litigation

Mar. 8, 2017

Preparing For Ransomware Attacks As Part of the Board’s Fiduciary Duty

Mar. 8, 2017

Forensic Firms: Key Contract Considerations and Terms (Part Two of Three)

Feb. 22, 2017

Strategies for In-House Counsel Responsible for Privacy and Data Security 

Feb. 22, 2017

Marsh and FireEye Take the Pulse of European Cybersecurity Climate

Feb. 22, 2017

Forensic Firms: Understanding and Leveraging Their Expertise From the Start (Part One of Three)

Feb. 8, 2017

Lessons From the Continued Uptick in HIPAA Enforcements 

Feb. 8, 2017

Key Strategies to Manage the First 72 Hours Following an Incident

Jan. 11, 2017

FTC Priorities for 2017 and Beyond

Jan. 11, 2017

Ten Cybersecurity Priorities for 2017

Dec. 14, 2016

Advice From Compliance Officers on Getting the C-Suite to Show You the Money for Your Data Privacy Program

Nov. 30, 2016

How to Respond to Law Enforcement Demands for Geolocation Data and Data Stored Abroad

Nov. 16, 2016

Increasing Role of Counsel Among Operational Shifts Highlighted by Cyber Risk Management Survey

Nov. 2, 2016

Advice From Blackstone and Tiffany CISOs on Fighting Cybercrime

Oct. 5, 2016

Learning From Experience: Five Actions to Take and Five Mistakes to Avoid When Testing a Breach Response Plan 

Sep. 21, 2016

Seven Overlooked Business Costs of a Cyber Breach and Strategies for Avoiding Them

Sep. 7, 2016

Survey Reveals What Keeps Consumers Away From Connectivity and How to Address Their Concerns 

Sep. 7, 2016

Using Information Sharing to Combat Cyber Crime While Protecting Privacy 

Aug. 3, 2016

How Cyber Stakeholders Can Speak the Same Language (Part Two of Two)

Jul. 20, 2016

How Cyber Stakeholders Can Speak the Same Language (Part One of Two)

Jul. 20, 2016

Checklist for an Effective Incident Response Plan

Jul. 6, 2016

Technology Leader Discusses How to Deal With the Growing Threat of Ransomware 

Jul. 6, 2016

Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part Two of Two)

Jun. 22, 2016

ISIL-Linked Hacker Pleads Guilty in First-of-Its-Kind Cyber Terror Case

Jun. 22, 2016

How to Avoid Common Mistakes and Manage the First 48 Hours Post-Breach

Jun. 22, 2016

Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part One of Two)

Jun. 22, 2016

Assistant Attorney General Leslie Caldwell Addresses the Challenges of Cross-Border Cooperation and Electronic Evidence Gathering

Jun. 8, 2016

Minimizing Class Action Risk in Breach Response

Jun. 8, 2016

Vendor Cyber Risk Management: 14 Key Contract Terms (Part Two of Two)

May 25, 2016

A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: Does Your Plan Work? (Part Three of Three)

May 11, 2016

Google, CVS and the FBI Share Advice on Interacting With Law Enforcement After a Breach

May 11, 2016

A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: Seven Key Components (Part Two of Three)

Apr. 27, 2016

A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: From Data Mapping to Evaluation (Part One of Three)

Apr. 27, 2016

Regulators Speak Candidly About Cybersecurity Trends, Priorities and Coordination

Apr. 13, 2016

Picking up the Pieces After a Cyber Attack and Understanding Sources of Liability

Apr. 13, 2016

Ten Steps to Minimize Data Privacy and Security Risk and Maximize Compliance

Mar. 30, 2016

In-House and Outside Counsel Offer Strategies for Navigating the TCPA, Avoiding Litigation and Responding to Breaches

Mar. 16, 2016

How Financial Service Providers Can Address Common Cybersecurity Threats

Mar. 2, 2016

Designing, Implementing and Assessing an Effective Employee Cybersecurity Training Program (Part Two of Three)

Mar. 2, 2016

Synthesizing Breach Notification Laws in the U.S. and Across the Globe

Mar. 2, 2016

Prosecuting Borderless Cyber Crime Through Proactive Law Enforcement and Private Sector Cooperation

Mar. 2, 2016

How the American Energy Industry Approaches Security and Emphasizes Information Sharing

Feb. 17, 2016

Cybersecurity Preparedness Is Now a Business Requirement

Feb. 3, 2016

Minimizing Breach Damage When the Rubber Hits the Road

Feb. 3, 2016

How In-House Counsel, Management and the Board Can Collaborate to Manage Cyber Risks and Liability (Part Two of Two) 

Dec. 9, 2015

Proactive Steps to Protect Your Company in Anticipation of Future Data Security Litigation (Part Two of Two)

Dec. 9, 2015

The Multifaceted Role of In-House Counsel in Cybersecurity 

Nov. 25, 2015

Proactive Steps to Protect Your Company in Anticipation of Future Data Security Litigation (Part One of Two)

Nov. 11, 2015

Target Privilege Decision Delivers Guidance for Post-Data Breach Internal Investigations

Nov. 11, 2015

California Law Enforcement Faces Higher Bar in Acquiring Electronic Information

Nov. 11, 2015

What Companies Can Learn from Cybersecurity Resources in Pittsburgh

Oct. 28, 2015

Orrick Attorneys Explain California’s New Specific Standards for Breach Notification

Aug. 26, 2015

Meeting Expectations for SEC Disclosures of Cybersecurity Risks and Incidents (Part Two of Two)

Aug. 12, 2015

Cybersecurity 2.0: The Role of Counsel in Addressing Destructive Cyberattacks

Aug. 12, 2015

Meeting Expectations for SEC Disclosures of Cybersecurity Risks and Incidents (Part One of Two)

Jul. 29, 2015

How to Prevent and Manage Ransomware Attacks (Part Two of Two)

Jul. 29, 2015

Canada’s Digital Privacy Act: What Businesses Need to Know

Jul. 15, 2015

The Challenge of Coordinating the Legal and Security Teams in the Current Cyber Landscape (Part Two of Two)

Jul. 15, 2015

How to Prevent and Manage Ransomware Attacks (Part One of Two)

Jul. 1, 2015

Coordinating Legal and Security Teams in the Current Cybersecurity Landscape (Part One of Two)

Jul. 1, 2015

SEC Commissioner Says Public-Private Partnership Is Key to Effective Cybersecurity

Jul. 1, 2015

Preserving Privilege Before and After a Cybersecurity Incident (Part Two of Two)

Jun. 17, 2015

In a Candid Conversation, FBI Director James Comey Discusses Cooperation among Domestic and International Cybersecurity Law Enforcement Communities (Part Two of Two)

Jun. 17, 2015

Preserving Privilege Before and After a Cybersecurity Incident (Part One of Two)

Jun. 3, 2015

Ponemon Study Finds Increasing Data Breach Costs and Analyzes Causes

Jun. 3, 2015

In a Candid Conversation, FBI Director James Comey Talks About the “Evil Layer Cake” of Cybersecurity Threats (Part One of Two)

May 20, 2015

After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?

May 20, 2015

DOJ Encourages Cyber Incident Reporting and Advance Planning with Best Practices Guidance

May 6, 2015

Gibson Dunn Attorneys Discuss the Impact of Obama’s Executive Order Creating New Tools to Fight Cyber Attacks

Apr. 22, 2015

Steps to Take Following a Healthcare Data Breach

Apr. 22, 2015

Analyzing the Cyber Insurance Market, Choosing the Right Policy and Avoiding Policy Traps

Mar. 29, 2023

A Practical Guide to New Video Privacy Decisions Starring PBS and People.com

Mar. 22, 2023

ECJ Ruling Expands Legal Professional Privilege

Mar. 8, 2023

BIPA Decisions Expand Potential Liability: What’s Next in Illinois and Other States?

Jan. 11, 2023

Something’s Gotta Give: Navigating Auditor Inquiries in Investigations (Part Two of Two)

Jan. 4, 2023

Something’s Gotta Give: Navigating Auditor Inquiries in Investigations (Part One of Two)

Dec. 7, 2022

Checklist for Preserving Privilege of Forensic Analyses Post Breach

Oct. 26, 2022

Navigating the Interplay of Breach Response and Breach Notification

Sep. 14, 2022

Shaping the BIPA Landscape: Avoiding Liability

Sep. 07, 2022

Shaping the BIPA Landscape: Notable Trends and Developments

Aug. 10, 2022

Tips for How In-House Counsel Can Navigate Typical Ethical Dilemmas and Conflicts of Interest (Part Two of Two)

Aug. 10, 2022

Protecting Against Crypto Theft

Aug. 3, 2022

Importance of In-House Counsel Discerning Their Client and Managing Evolving Attorney-Client Privilege Issues (Part One of Two)

Jul. 20, 2022

Looking Back on the Breach: Fundamentals of Preserving Privilege of Forensic Analyses in the Wake of a Data Breach

Jun. 29, 2022

Lessons From CISA for In-House Counsel on Mitigating and Managing MSP Breach Threats

Mar. 16, 2022

No End in Sight: Biometrics Litigation Trends

Feb. 2, 2022

Compliance Takeaways From the Latest GDPR Enforcement Statistics

Oct. 20, 2021

Collective Actions in the U.K. After Lloyd v. Google

Aug. 18, 2021

A Look Inside Businesses’ Private Disputes Over Ransomware Costs

Jul. 28, 2021

Will Supreme Court’s New Standing Test Tame the Real World of Class Actions?

Jun. 9, 2021

To “Cure” or Not to “Cure,” That Is the Question

Mar. 3, 2021

Preserving the Privilege for In-House Counsel: Internal Investigations and Depositions

Mar. 3, 2021

Six Ways to Address Privacy Concerns in Biometric Vendor Contracts

Feb. 24, 2021

Preserving the Privilege for In-House Counsel: Communications and Common Issues

Feb. 24, 2021

Conduct Remedies: The Undervalued Element of Cybersecurity and Privacy Class Actions

Feb. 17, 2021

Big Questions for BIPA Case Law in 2021

Feb. 3, 2021

Expect Continuing Regulatory Focus on Cybersecurity and Data Protection in 2021

Jan. 27, 2021

Steps to Protect Privilege for Data Breach Forensic Reports

Jan. 20, 2021

Disputed Twitter Fine Offers Breach Response Lessons

Dec. 2, 2020

Facebook Wiretap Ruling Inspires Slew of Lawsuits Over Consumer Tracking

Nov. 4, 2020

Comparing U.S. and E.U. Approaches to Incident Response and Breach Notification

Sep. 30, 2020

Should Victims of State-Sponsored Hacking Be Liable for Personal Data Breaches?

Sep. 23, 2020

Data Breaches, Leaked Documents and the Attorney-Client Privilege: Can the Bell Really Be Unrung?

Jul. 15, 2020

Google Decision Opens the Door for American-Style Class Action in U.K.: Six Ways to Avoid Liability

Jul. 8, 2020

Google Decision Opens the Door for American-Style Class Action in U.K.: Analyzing What Constitutes Harm

Jun. 10, 2020

After Capital One Ruling, How Will Companies Protect Forensic Reports?

Jun. 3, 2020

Preserving Privilege in Audits and Internal Investigations

May 13, 2020

Setting Your Company Up to Win Cyber Insurance Battles

May 6, 2020

Managing Ransomware’s Mutation Into a Public Data Breach

Apr. 29, 2020

What Is the Potential Liability for Zoombombing, and How Safe Are Zoom Alternatives?

Apr. 22, 2020

Morrisons Ruling Lets U.K. Employers Off the Hook for Rogue Employee Data Leaks

Jan. 22, 2020

How to Stem the Coming Tide of CCPA Private Litigation

Sep. 18, 2019

Strategies and Tactics for Developing an Effective Tabletop Exercise (Part One of Two)

Sep. 11, 2019

Lessons From Equifax on How to Mitigate Post-Breach Legal Liability

Aug. 7, 2019

Lessons From SDNY Ruling on How to Preserve Privileged Communications With Attorney Consultants

May 29, 2019

Keeping CISOs and the C-Suite Off the Witness Stand

Mar. 20, 2019

Increased Post-Breach Discovery Turns Spotlight on Privilege

Feb. 27, 2019

U.K. Employers on the Hook for Rogue Employee Data Leaks Post-Morrison​​​​​

Feb. 27, 2019

Preserving Privilege in Communications Involving In-House Counsel

Feb. 13, 2019

Reducing Risk in the Dawn of Equifax and Other Cyber-Related Securities Fraud Class Actions

Feb. 6, 2019

The New Normal: Easier Data Breach Standing Is Here to Stay

Jan. 30, 2019

Navigating Cloud Litigation’s Claims and Theories

Jan. 23, 2019

Illinois Federal Court Denies Standing in BIPA Claim Against Google

Dec. 19, 2018

Interim Response Lessons From the Marriott Breach

Dec. 12, 2018

Understanding the Potential Implications of Pennsylvania’s Newly Recognized Common Law Duty to Protect Personal Information

Dec. 12, 2018

Illinois Appellate Decision Creates Split on Standing to Sue Under BIPA

Dec. 5, 2018

Answers to Four Critical Questions on Privilege in Internal Investigations

Sep. 19, 2018

Measures for Resolving Business Disputes Over Data Privacy and Security

Sep. 19, 2018

Ohio Adopts Pioneering Cybersecurity Safe Harbor for Companies

Jun. 6, 2018

Analyzing New and Amended State Breach Notification Laws

May 2, 2018

Lessons on Litigation Privilege in Internal Investigations from the U.K.’s Bilta v. Royal Bank of Scotland Case

Feb. 14, 2018

NY AG and HHS Flex Regulatory Muscles in Recent Protected Health Information Breach Settlements

Feb. 14, 2018

Dynamic Regulations and Shareholder Actions Guide the Board’s Shifting Role in Cyber (Part Two of Two)

Jan. 31, 2018

Dynamic Regulations and Shareholder Actions Guide the Board’s Shifting Role in Cyber (Part One of Two)

Jan. 31, 2018

Biometric Data Protection Laws and Litigation Strategies (Part One of Two)

Jan. 17, 2018

A Wake-Up Call: Data Breach Standing Is Getting Easier

Dec. 6, 2017

Actions Under Biometric Privacy Laws Highlight Related Risks

Sep. 13, 2017

Dispelling Myths About When Attorney-Client Privilege Applies to Communications With In-House Counsel

May 31, 2017

Reacting Quickly With a Nimble Incident Response Plan

May 31, 2017

Takeaways From State AGs’ Record-Breaking Target Data Breach Settlement

Apr. 19, 2017

The Wisdom of Planning Ahead: The Duty to Preserve Backup Tapes, Mobile Devices and Instant Messages

Apr. 19, 2017

How to Walk the Tightrope of Cooperation and Privilege When Facing Government Investigations and Parallel Litigation

Mar. 8, 2017

Protecting Attorney-Client Privilege and Attorney Work Product While Cooperating With the Government: Implications for Collateral Litigation (Part Three of Three)

Mar. 8, 2017

Defense and Plaintiff Perspectives on How to Survive Data Privacy Collateral Litigation

Feb. 22, 2017

Protecting Attorney-Client Privilege and Attorney Work Product While Cooperating with the Government: Strategies to Minimize Risks During Cooperation (Part Two of Three)

Feb. 8, 2017

Protecting Attorney-Client Privilege and Attorney Work Product While Cooperating With the Government: Establishing Privilege and Work Product in an Investigation (Part One of Three)

Feb. 8, 2017

Third and Seventh Circuits Shed New Light on Spokeo Standing Analysis

Nov. 30, 2016

Attorney-Consultant Privilege? Structuring and Implementing the Kovel Arrangement (Part Two of Two)

Nov. 16, 2016

Attorney-Consultant Privilege? Key Considerations for Invoking the Kovel Doctrine (Part One of Two)

Oct. 19, 2016

How the Financial Services Industry Can Handle Cybersecurity Threats, Acquisition Diligence and Breach Response

Oct. 5, 2016

Eighth Circuit Sides With Defendants As the Spokeo Standing Battle Continues 

Sep. 7, 2016

Lessons From Consumer Challenges to Email Review Practices

Aug. 24, 2016

Takeaways From the FTC’s Revival of the LabMD Action 

Aug. 3, 2016

Key Post-Breach Shareholder Litigation, Disclosure and Insurance Selection Considerations

Aug. 3, 2016

Six State Secrets and Data Privacy Considerations in Chinese Internal Investigations 

Jun. 22, 2016

How to Avoid Common Mistakes and Manage the First 48 Hours Post-Breach

Jun. 8, 2016

Minimizing Class Action Risk in Breach Response

Jun. 8, 2016

Eight Attributes In-House Counsel Look For in Outside Cybersecurity Counsel

May 25, 2016

Spokeo’s Impact on Data Breach Cases: The Class Action Floodgates Have Not Been Opened, But the Door Has Not Been Locked

May 25, 2016

Foreign Attorneys Share Insight on Data Privacy and Privilege in Multinational Investigations

May 11, 2016

When Do Consumers Have Standing to Sue Over Data Breaches?

Apr. 27, 2016

Federal Judge Offers Advice on Litigating Data Privacy, Security Breach and TCPA Class Action Suits

Apr. 27, 2016

Regulators Speak Candidly About Cybersecurity Trends, Priorities and Coordination

Apr. 27, 2016

A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: From Data Mapping to Evaluation (Part One of Three)

Apr. 13, 2016

Picking up the Pieces After a Cyber Attack and Understanding Sources of Liability

Mar. 30, 2016

In-House and Outside Counsel Offer Strategies for Navigating the TCPA, Avoiding Litigation and Responding to Breaches

Mar. 30, 2016

Making Sense of Conflicting Standing Decisions in Data Breach Cases

Feb. 3, 2016

Germany Eases Restrictions on Certain Privacy Class Actions

Feb. 3, 2016

How In-House Counsel, Management and the Board Can Collaborate to Manage Cyber Risks and Liability (Part Two of Two) 

Dec. 9, 2015

Proactive Steps to Protect Your Company in Anticipation of Future Data Security Litigation (Part Two of Two)

Nov. 25, 2015

Proactive Steps to Protect Your Company in Anticipation of Future Data Security Litigation (Part One of Two)

Nov. 11, 2015

Target Privilege Decision Delivers Guidance for Post-Data Breach Internal Investigations

Nov. 11, 2015

Liability Lessons from Data Breach Enforcement Actions

Sep. 30, 2015

Learning from the Target Data Breach About Effective Third-Party Risk Management (Part Two of Two)

Sep. 16, 2015

Examining Evolving Legal Ethics in the Age of the Cloud, Mobile Devices and Social Media (Part Two of Two)  

Sep. 16, 2015

Learning from the Target Data Breach About Effective Third-Party Risk Management  (Part One of Two)

Sep. 16, 2015

Privacy and Cybersecurity in Canada: Legal Risk Update

Jul. 29, 2015

Analyzing and Complying with Cyber Law from Different Vantage Points (Part Two of Two)

Jul. 29, 2015

Seventh Circuit Reopens a Door for Plaintiffs in Data Breach Class Actions

Jul. 15, 2015

Analyzing and Complying with Cyber Law from Different Vantage Points (Part One of Two)

Jul. 1, 2015

Preserving Privilege Before and After a Cybersecurity Incident (Part Two of Two)

Jul. 1, 2015

What Companies Need to Know About the FCC’s Actions Against Unwanted Calls and Texts

Jun. 17, 2015

Preserving Privilege Before and After a Cybersecurity Incident (Part One of Two)

May 6, 2015

Lessons from the 2013 Target Data Breach: What Future Resolutions of Large-Scale Data Breaches May Look Like

Most-Read Articles

  • Mar. 15, 2023
    Managing Legal Issues Arising From Use of ChatGPT and Generative AI: E.U. and U.S. Privacy Law Considerations
    • Artificial Intelligence
  • Mar. 22, 2023
    Managing Legal Issues Arising From Use of ChatGPT and Generative AI: Industry Considerations and Practical Compliance Measures
    • Artificial Intelligence
  • Mar. 8, 2023
    BIPA Decisions Expand Potential Liability: What’s Next in Illinois and Other States?
    • Biometrics
  • Mar. 8, 2023
    Best Practices to Combat Surge of Unwanted Data Scraping
    • Big Data
  • Feb. 1, 2023
    AI Governance Gets Real: Tips From a Chat Platform on Building a Program
    • Artificial Intelligence

Spotlight on Trailblazing Women

 In honor of International Women’s Day, some of ION Analytics' editorial teams led by women interviewed notable women in the markets and industries we cover. In this part, Jill Abitbol and Rebecca Hughes Parker shined a spotlight on notable women in compliance and hedge fund, data privacy and cybersecurity, and anti-corruption law, including Amii Barnard-Bahn, Abigail Bell, Genna Garver, Jane Horvath, Barbara Li, Amy Mushahwar, Mara Senn and Carol Widger. The interviews are here.

 


Webinar on Compliant International Data Transfers

Listen here to our discussion with our colleagues at Ethos Privacy, which took place on March 1, 2022, on how to approach international data transfer challenges. 

  • Privacy Policy
  • Terms of Use
  • About Us

© 2023 Mergermarket Limited. All rights reserved.

Sign inFree trialForgot password ×

Sorry, we do not recognise the username and password combination you have entered.

Please ensure you have typed your email address correctly and remember that passwords are case sensitive.

You are logged into a maximum of three different browsers/devices.

Please log in with one previously used and go to My Account to manage the browsers/devices you are using.

Forgotten password? Request Details


Not a user? Get a free trial

Thank you.

A reset link has been sent to the email address provided.

Please be aware that the time taken for mail to be delivered is dependent upon your Internet Service Provider. It should normally arrive within 5-15 minutes.

Request Details

Sorry, this email address is not recognised on our system




Thank you, we'll contact you about your trial