Privacy Plus+ News
Stay informed with our latest insights on privacy and technology trends, along with key updates from our firm.
In the Dark: Understanding the Implications of “Shadow AI.”
This week, let’s consider the growing trend of “Shadow AI,” which refers to the unsanctioned use of AI tools or systems within an organization, often without the knowledge of the organization and outside of the organization’s governance framework.
SEC Adopts New Cybersecurity Disclosure Rules for Public Companies
This week, let’s address the SEC’s recently adopted rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incidents by public companies. We’ll look at the mechanics, summarize the changes, highlight effective dates, and offer some thoughts.
Top 5 Questions for Directors Re: Cyber Governance
This week, let’s focus on effective cyber governance by the board of directors, and propose some questions that every director should ask to protect themselves and their organizations from cyber risk and personal liability.
Top 5 Questions Every CISO Should Ask
This week, let’s consider some questions that every Chief Information Security Officer should ask to protect themselves and their organizations from cyber risk and personal liability.
Cybersecurity Whistleblowers
This week, let’s highlight the recent uptick in cybersecurity whistleblowers, including those from the Dallas Independent School District and Twitter, and consider how to deal with cybersecurity whistleblower complaints.
Cyber Liability for Directors and Officers
This week, let’s catch up on cyber liability issues — from Drizly to Uber to SolarWinds — officers and directors should be tuning in and turning their attention to cyber and privacy corporate governance and D&O insurance.
OCC Requires Board Oversight of Cyber Risk
This week, let’s consider OCC’s consent order against Capital One, and particularly its requirement for board management and oversight of cyber risk.
The E.U.-U.S. Digital Divide
This week, as Europe’s highest court invalidates the EU-US Privacy Shield, let’s consider resolving the larger issues —the improbable existence of “privacy islands” in a digital world that doesn’t respect boundaries and what your company should do now.
CEO Indictment and Derivative Litigation May Foretell the Next Chapter in Privacy and Cyber Liability
This week, let’s consider why the indictment of Blue Bell’s ex-CEO matters to privacy and cybersecurity liability for executives and boards of directors.
What You Should Know about the Data Supply Chain
This week, we turn from current events to focus on the data supply chain, where personal information is transferred from citizen consumers to companies far-far away.