• China Finalizes New Regulations to Relax Personal Data Exports from China

    May 01, 2024 |

    Nearly six months after the Cyberspace Administration of China (CAC) was first introduced for public consultation, the much-awaited final rules on Regulating and Facilitating Cross-border Data Flows were published and came into effect on March 22, 2024. The New Regulations largely repeat the Draft Regulations, but now have further relaxed personal data exports from China.

  • Shielding Law Practices: Mitigating Vendor Risks to Safeguard Client Confidentiality

    May 01, 2024 |

    Because vendors often access clients' internal systems, customer data, and intellectual property, they will always be a magnet for hackers searching for valuable data. Bad actors will always look for the weak spots in a firm's defenses, including those deployed by a firm's vendors and other third parties. And signs point to a growing number of cyberattacks, not a lessening of them.

  • Lessons for CISOs from the SolarWinds Breach and SEC Enforcement

    May 01, 2024 |

    In an era where digital threats loom large, the responsibilities of Chief Information Security Officers have expanded beyond traditional IT security to encompass a broader governance, risk management, and compliance role. The infamous SolarWinds Corp. attack illustrates the complex cybersecurity landscape CISOs navigate.

  • A Roadmap for Implementing Information Governance In Law Firms

    May 01, 2024 |

    In today's digital age, the volume of data generated and managed by law firms has skyrocketed, presenting both opportunities and challenges. Unfortunately, in parallel with this exponential growth in data, and partially as a direct result of it, law firms have also experienced a significant increase in targeted cyberattacks.

  • New Federal Privacy Legislation Has Legitimate Shot At Passing

    May 01, 2024 |

    For years, the business community has been calling for a comprehensive federal privacy law, frustrated with operating under a patchwork of sometimes-conflicting state laws. Now, Congress is considering one that's extremely wide-ranging and that observers say has a legitimate chance of passage.

  • Navigating the SEC's New Cybersecurity Disclosure Rules

    May 01, 2024 |

    With the first cybersecurity rule for public companies, and the landscape of ongoing scrutiny and enforcement, SEC registrants should not lose time in reviewing their cybersecurity postures and policies to ensure compliance and, even ahead of formal adoption of certain still-pending rules, align with best practices.