All articles by Adrianne Appel – Page 7
-
Premium
CPPA eyeing broad scope in early discussions around data risk assessments
Draft risk assessment regulations under the California Consumer Privacy Act are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits.
-
Premium
Big Tech wants AI ‘referee,’ but lawmakers differ on approach to regs
Federal lawmakers shined a spotlight on artificial intelligence this week, raising the possibility that Congress will—eventually—legislate some controls on the burgeoning technology should middle ground be found.
-
Premium
California cybersecurity audit rule scope begins taking shape at CPPA meeting
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the California Privacy Protection Agency.
-
Premium
From 5 to 11: Keeping up with new state data privacy laws
If multi-state businesses thought at the start of 2023 complying with a patchwork of U.S. state privacy laws was going to be a lot of work, now they must be overwhelmed. Experts assess the fast-evolving U.S. privacy landscape.
-
Premium
Preparing for SEC cybersecurity rules an opportunity for collaboration
Businesses can prepare for the Securities and Exchange Commission’s upcoming cybersecurity disclosure rule by going through it and identifying key gaps in compliance.
-
Premium
Cyber expert: Reach for data security to achieve compliance
Data security and compliance are not one and the same but have enough overlap that organizations can take steps when building a data security program to move closer to achieving compliance.
-
Premium
Companies get say on Biden executive order restricting China tech investments
President Joe Biden’s recent executive order to restrict certain outbound investments to China offers an opportunity for companies to help shape the program by offering input through comment.
-
Premium
Covington mulling appeal of ruling in SEC breached client case
Covington & Burling is leaving open the possibility of appealing a recent federal court order requiring the law firm to provide the names of hacked clients to the Securities and Exchange Commission.
-
Premium
Risks, opportunities under SEC’s cyber incident disclosure rule
The clock is ticking for public companies to put in place policies and practices to meet the requirements of the Securities and Exchange Commission’s newly approved cybersecurity incident disclosure rule.
-
Premium
Need to know: New York City AI bias law
Companies that use automated tools to screen candidates for jobs based in New York City must check those systems for bias or potentially run afoul of a first-in-the-nation law.
-
Premium
IBM report: Data breach costs at all-time high; AI helping detection
The global average cost of a data breach reached a new all-time high of $4.45 million in 2023, according to IBM’s annual report.
-
Premium
Biden cyber strategy plan calls for big businesses to step up
The “biggest, most capable, and best-positioned” businesses must assume a greater share of mitigating cyber risks, the White House said in announcing the National Cybersecurity Strategy Implementation Plan.
-
Premium
California privacy reg delay offers little more than short reprieve
Many businesses are breathing a sigh of relief following a court ruling that delayed enforcement of certain provisions of the California Privacy Rights Act, but companies should not rest on their laurels, according to experts.
-
Premium
SEC’s Grewal spotlights enforcement focus on cyber disclosures
The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
-
Premium
FTC cases thrust COPPA compliance into spotlight
The Federal Trade Commission’s recent children’s privacy enforcement activity—including fines against Microsoft and Amazon—leaves no doubt businesses must make complying with the Children’s Online Privacy Protection Act a top priority.
-
Premium
CFTC commissioner crafting potential proposed rule on cyber resiliency
The Commodity Futures Trading Commission’s Technology Advisory Committee sponsored by Commissioner Christy Goldsmith Romero is crafting potential rulemaking to establish cyber resiliency baselines among swap dealers and futures commission merchants.
-
Premium
Nutanix discloses remediation steps following costly software misuse
A lack of oversight of employees handling vendor software is one of several failings at cloud computing company Nutanix that led to misuse, $11 million in estimated costs, and two pending lawsuits.
-
Premium
Verizon report: Lion’s share of data breaches linked to organized crime
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
-
News Brief
Tenet-affiliated health systems to pay $30M in DOJ kickback case
Tenet Healthcare, Vanguard Health Systems, and the Detroit Medical Center agreed to pay $29.7 million as part of a settlement with the Department of Justice addressing allegations they provided kickbacks to doctors who made referrals to their health organizations.
-
News Brief
FTC orders Amazon pay $30M for alleged Alexa, Ring privacy violations
Amazon is set to pay more than $30 million comprised of a civil penalty and consumer refunds to resolve two separate cases alleging privacy violations regarding its Alexa voice assistant service and Ring doorbell subsidiary.