Cyber Security Archive
Third-party risk management focuses on identifying and reducing risks relating to vendors, suppliers, partners, contractors, and service providers. It has become more important than ever due to the growing trend in third-party data breaches. Incidents such as the SolarWinds hack …
As the owner or manager of an organization, it’s your responsibility to protect your customers and the data that they give you. Clients typically always assume that you can be trusted, but if you experience a data breach, then not …
Litigation following a data breach is like adding insult to injury. The incident damages your reputation and slows your business as you try to correct the issues. Then you have to pay for litigation expenses and perhaps a destructive award. …
There are few federal incident response laws. The U.S. Congress tried to change that last year. Both Republicans and Democrats have expressed a desire to pass cybersecurity incident reporting legislation, either as a standalone bill or as part of another …
Cybersecurity and risk management go hand in hand. Yet organizations often develop cybersecurity and risk management strategies independently. This can result in security gaps that endanger businesses, their employees, and their customers. An organization must plan for cyber attacks and …
In a recent blog, we discussed the laws that enable individuals affected by data breaches to receive compensation. There are three main methods to do this. The first is to use laws that allow private rights of action. The second …
Cyber criminals attack organizations in every industry – and the real estate sector is no exception. Real estate organizations must plan for current and emerging cyber threats so that they are well-equipped to guard against cyber attacks. Ultimately, there is …
As a cybersecurity and privacy lawyer, I consider the GLBA (Gramm-Leach-Bliley Act) an early but outdated effort at regulating the financial industry. It was passed in 1999. For consumers, the main impact is a long privacy notice that explains what …
It should surprise no cybersecurity professional that the U.S. Congress has failed to pass legislation that would have required organizations in critical sectors like energy and transportation to alert the government when they were hit with online incidents. In a …
HR departments have always been associated with the success and development of people, but now they are more proactively involved in cybersecurity and data protection. With the rise in cyber attacks and data breaches, this is no longer a responsibility …
