Cybersecurity

In April 2025, the United Kingdom secured its first-ever criminal conviction for a breach of Russian sanctions — a milestone in the global enforcement landscape. But beneath the headline lies a far more pressing narrative: how a sanctioned Politically Exposed Person (PEP) was able to enter the UK, open a bank account, and launder funds through mainstream financial and non-financial institutions without detection.

On July 23, 2025, the Ninth Circuit issued a pivotal decision regarding digital art, blockchain technology, and trademark law. The ruling not only clarifies that non-fungible tokens (NFTs) are protectable “goods” under federal trademark law, but also sets important standards for how courts should analyze consumer confusion, fair use, and First Amendment protections surrounding artistic expression in the rapidly evolving NFT marketplace.

While the EU AI Act certainly deserves compliments for both its pioneering nature and numerous thoughtful provisions aimed at the efficient and effective regulation of modern AI, it is not without its drawbacks.

Denmark aims to make EU history by using copyright law — not privacy rules — to crack down on deepfakes and protect personal likenesses, diverging from the approaches adopted in the U.S. and other nations.

This two-part series summarizes modern security practices as advised by NIST’s latest guidelines, a framework that prioritizes proactive, resilient and user-friendly strategies. Part One of the series, published in last month’s issue, offered 10 must-know tips to improve personal cybersecurity; Part Two shares 10 tips to take your firm or organization’s security from good to great.

In a show of continuity between administrations, the Biden-era Executive Order 14117 — designed to restrict foreign access to Americans’ most sensitive personal data — has been allowed to take effect in the second Trump administration.The Department of Justice’s implementing regulation for this Order, finalized in late December 2024, became enforceable in April 2025.

In today’s digital-first business environment, legal departments are confronting an unprecedented escalation of risk. Cyberattacks are growing more frequent and sophisticated. Regulatory complexity is expanding across jurisdictions. And the pressure to respond quickly — without compromising accuracy or trust — is mounting.

The wave of cyberattacks and data breaches has turned information governance from a compliance afterthought into a required business function. Yet, despite well-publicized threats and skyrocketing costs associated with cyber incidents, most companies remain both underinsured and fundamentally underprepared.