Judge deals major blow to SEC’s cybersecurity enforcement stance

“The decision substantially limits the SEC’s authority to challenge a company’s cybersecurity program,” attorney Mark Schonfeld said.

By Alexei Alexis • July 23, 2024

Companies turn to AI contract tools to reduce external risks

Executives often overlook the importance of shrewd third-party contracting when managing their risk profiles, according to a legal tech panel.

By Justin Bachman • July 18, 2024

Majority of SEC civil fraud case against SolarWinds dismissed, but core remains

The court ruling related to claims leading up to and immediately following the 2020 Sunburst supply chain hack.

By David Jones • July 18, 2024

Ransomware leak site posts jumped 20% in Q2

Threat groups claimed attacks on 1,237 organizations during the quarter, marking an increase from Q1. U.S.-based businesses accounted for more than half of all victims, Reliaquest found.

By Matt Kapko • July 16, 2024

Citi to pay $135.6M in new penalties over 2020 orders

The bank has made insufficient progress toward resolving nagging data quality, risk management and internal control issues, the OCC and Federal Reserve said.

By Dan Ennis • July 11, 2024

AI policy, compliance leave lawyers more skeptical than executives: survey

North America has so far adopted an “innovation-friendly” approach to AI regulations compared to countries in Europe and Asia, a report finds.

By Justin Bachman • July 10, 2024

Cyber insurance prices fall amid rising competition: report

The pricing relief comes even as cyberattacks are escalating and businesses are paying more to recover from them.

By Alexei Alexis • July 2, 2024

SEC’s $2.1M fine on RR Donnelly over hack response slammed as overreach

The agency’s assertion that a cybersecurity failure can be punished as an “internal accounting controls” violation is raising eyebrows.

By Alexei Alexis • June 25, 2024

Ransomware victims becoming less likely to pay cyberhackers

Demands jumped in 2023 even as more companies plot better defenses against attacks that can incur deep business interruption costs, a report says. 

By Justin Bachman • June 17, 2024

Chopra raises alarm on ‘financial surveillance’ at Senate hearing

“These plans to monetize sensitive financial transaction data are a reminder that the United States is slowly lurching toward more financial surveillance and even financial censorship,” CFPB Director Rohit Chopra said.

By Rajashree Chakravarty • June 13, 2024

Solution to patchwork of state data-privacy laws shows promise

By mostly preempting state laws, the American Privacy Rights Act would give companies a much-needed roadmap for compliance, privacy specialists say.

By Jessica Mach • April 12, 2024

EU lawmakers pass sweeping AI rules with global reach, stiff penalties

Penalties include up to €35 million or 7% of a company’s total worldwide annual turnover — whichever is higher — for violations of a ban on “emotion recognition” in the workplace.

By Alexei Alexis • March 13, 2024

Visa spends ‘billions’ battling cybersecurity threats

The company is using generative artificial intelligence to thwart account-to-account fraud by way of Visa services.

By Lynne Marek • March 11, 2024

Cloud intrusions spiked 75% in 2023, CrowdStrike says

Threat actors are targeting organizations’ inconsistent cloud security systems to intrude networks and maintain persistence.

By Matt Kapko • Feb. 27, 2024

CalChamber seeks state Supreme Court review of privacy case

The California Chamber of Commerce is advancing its argument that voters wanted a one-year gap between adoption and enforcement of updated regulations under the state’s landmark consumer privacy law.

By Lyle Moran • Feb. 22, 2024

Old data is the scourge of most breaches

Having a strict data retention policy can reduce the severity of a breach by limiting an organization’s most vulnerable information, breach response specialists say. 

By Robert Freedman • Feb. 21, 2024

Companies struggle with decarbonization due to internal governance, data issues

Most organizations are committed to decarbonization, but a siloed approach, bureaucracy and data challenges stand in the way of success, an Engie report says.

By Suman Bhattacharyya • Feb. 20, 2024

California privacy agency can enforce updated regulations, court rules

Businesses are urged to review their privacy practices to make sure they are in compliance with all elements of the California Consumer Privacy Act.

By Lyle Moran • Feb. 14, 2024

61% of organizations faced regulatory proceedings in 2023, report finds

Survey respondents said state and federal regulatory changes are contributing to fears about increased exposure to regulatory disputes, according to Norton Rose Fulbright.

By Lyle Moran • Feb. 13, 2024

The forward-thinking GC: Growing an in-house career with AI know-how

If artificial intelligence can detect red flags for cancer on brain scans and manage air traffic, can it help in-house legal teams manage contract reviews and redact privileged information from a data set?

Feb. 12, 2024

Contractual obligations driving data privacy, cybersecurity upgrades

To secure work from business partners, more companies are having to get serious about having the right technical and legal safeguards, a specialist says.

By Robert Freedman • Feb. 9, 2024

Data breach class actions are on the rise, report finds

The data breach cases also presented difficulties for the courts around issues of standing and uninjured class members, the Duane Morris report found.

By Lyle Moran • Feb. 6, 2024

State data privacy laws called toothless by public interest groups

With the exception of California, states don’t allow a private right of action and companies can collect more data than they need, experts say.

By Robert Freedman • Feb. 2, 2024

Law firm security breaches are fairly common, survey finds

The tech decision-makers surveyed said improved training and technology would help their law firms become better prepared to address cybersecurity threats.

By Lyle Moran • Jan. 22, 2024

Fed bans ex-banker, fines 3 others over data handling

A bank’s former CFO received more than 280,000 electronic documents — some containing confidential supervisory information — shortly after he was terminated from the bank in 2019, the Fed said.

By Dan Ennis • Jan. 18, 2024