Seyfarth Synopsis:  On May 12, 2021, President Joe Biden issued a very broad, 34 page “Executive Order on Improving the Nation’s Cybersecurity.” The Executive Order, or “EO”, can be found here. This order comes six months after the notorious SolarWinds attack, and mere weeks after other high-profile attacks have invaded our networks, and shut

There have been seminal events in the cybersecurity space since 2012, but there has likely been no event in recent times bigger than the SolarWinds attack which was first announced in December 2020. Though it likely had “nation-state” origins, the SolarWinds attack raised a number of serious issues for US companies and indeed the US

From court closures and the way judges conduct appearances and trials to the expected wave of lawsuits across a multitude of areas and industries, the COVID-19 outbreak is having a notable impact in the litigation space—and is expected to for quite some time.

To help navigate the litigation landscape, we are kicking off a webinar

In this unprecedented time, businesses are, more than ever, implementing and rapidly rolling out programs for remote or at-home work by employees. The quick changes in local and state governmental “shelter in place” instructions and Public Heath directives have placed significant strains on remote networks and caused local shortages of laptop computers at office supply and electronic stores across the country.

With this unexpected increase in remote workers, many companies are pushing the limits of their existing remote access technology, or deploying ad hoc technology and access solutions as quickly as possible. Some of those companies are not taking the time to consider potential information security, privacy, and other compliance ramifications for those same remote workers.

It is entirely appropriate and necessary for companies to adapt their technology and work networks are utilized to the greatest degree possible to remain in operation and serve business and customer needs. But as always, data security and privacy should always be part of the equation.

Below are some essential things to know about the security risks posed by remote or at-home worker, and a Technical Checklist for Remote employees to make sure your corporate data is safe, and you do not risk compliance challenges with data privacy law and requirements.
Continue Reading Cybersecurity, Data Privacy, and Compliance Issues Related to Remote Workers

In September of this year, with SB 327, California stepped into the vanguard of information age law by passing a cybersecurity regulation on the Internet of Things. SB 327 has added new sections to Cal. Civil Code §1798. Specifically, §1798.91 et seq. While this seems to be a good thing, the larger question is what does it do, and how far does it reach?

Continue Reading California’s IoT Security Law – Everyone Needs Cybersecurity Now

At the end of June, the California legislature passed its Bill 375, the California Consumer Privacy Act of 2018.  The Act contains a number of concepts that would be familiar to those who are working to bring their companies and organizations into compliance with GDPR.  The new law defines a category of “Personal Information” that 

Seyfarth Shaw Offers Data Privacy & Protection in the EU-U.S. Desktop Guide and On-Demand Webinar Series

On May 25, 2018, the EU General Data Protection Regulation (“GDPR”) will impose significant new obligations on all U.S. companies that handle personal data of any EU individual. U.S. companies can be fined up to €20 million or 4%

Cross-posted from Carpe Datum Law

Recently, a widespread global ransomware attack has struck hospitals, communication, and other types of companies and government offices around the world, seizing control of affected computers until the victims pay a ransom.  This widespread ransomware campaign has affected various organizations with reports of tens of thousands of infections in

shutterstock_506771554Cross-posted from Carpe Datum Law

Another week, another well-concocted phishing scam.  The most recent fraudulent activity targeted businesses that use Workday, though this is not a breach or vulnerability in Workday itself.  Specifically, the attack involves a well-crafted spam email that is sent to employees purporting to be from the CFO, CEO, or Head of

shutterstock_519689296Seyfarth Shaw is pleased to announce the launch of Carpe Datum Law, a one-stop resource for legal professionals seeking to stay abreast of fast-paced developments in eDiscovery and information governance, including data privacy, data security, and records and information management. Seyfarth’s eDiscovery and Information Governance (eDIG) practice group created Carpe Datum Law to serve