Judge delays enforcement of California privacy law regulations

Businesses that thought they were going to need to comply this month with new regulations under the landmark CCPA will now have until spring 2024.

By Lyle Moran • July 5, 2023

Lawsuit seeks to curb AI rush, hold OpenAI accountable for stolen data

Although the charges focus on the unauthorized use of data, the lawsuit also sounds the alarm over where AI is heading and the ability of OpenAI, or any developer, to exercise control over the software as it evolves. 

By Robert Freedman • June 29, 2023

California privacy law changes draw in more businesses

Business-to-business organizations are newly subject to the law and the latest restrictions apply to data sharing, not just data selling. Meanwhile, other states are adding laws to the mix.

By Lisa Burden • June 23, 2023

Making our good work good for the company—and each other

When you’re able to offer time and talent to pro bono work, it helps bring valuable perspective to your work and your relationships.

By Danielle Sheer • June 22, 2023

Appetite for M&A deals is strong, but obstacles remain

The anticipated increase in M&A activity follows a period in which the economic climate has slowed dealmaking and regulators have applied close scrutiny.

By Lyle Moran • June 20, 2023

Cybercriminals often target high-profit companies, study finds

Damage from cybercrime far exceeds the sum of costs to targeted companies, harming peer companies and the broader economy, researchers said.

By Jim Tyson • June 12, 2023

Meta CLO: $1.3B EU data-transfer fine bodes ill for other U.S. companies

The problem the company faces is something that could become widespread if the U.S. and EU can’t come to a privacy agreement.

By Robert Freedman • May 23, 2023

Ransomware claims see 77% spike in early 2023

The figures follow a downward trend in 2022 that had been credited with helping to moderate skyrocketing premiums in the cyber insurance market.

By Alexei Alexis • May 9, 2023

Former Uber CSO avoids prison time for ransomware coverup

Joseph Sullivan was convicted last year after covering up a cyberattack while the ride sharing firm was under a Federal Trade Commission probe.

By David Jones • May 5, 2023

ChatGPT prompts experts to consider AI’s mark on cybersecurity

As technology vendors race to plug in generative AI, cybersecurity vendors will respond in kind.

By Matt Kapko • April 20, 2023

There’s a movement afoot to make tech vendors responsible for cybersecurity

The international joint guide encapsulates security recommendations long-touted by CISA, including technical tactics for software and infrastructure design and best practices for default security measures at large.

By Matt Kapko • April 19, 2023

Women in cybersecurity fight for inclusion despite talent shortage

Women are too often blocked before they can even apply for a position in cybersecurity by stringent job descriptions. 

By Sue Poremba • April 18, 2023

UKG to settle class action lawsuit with workers affected by Kronos outage

The filings come more than a year after the ransomware attack against UKG’s Kronos Private Cloud product.

By Ryan Golden • April 17, 2023

How Target approaches identity and access management

Designing an identity and access management system that provides a good user experience while preventing unauthorized access is a critical responsibility.

By Matt Kapko • April 14, 2023

Samsung employees leaked corporate data in ChatGPT: report

Data privacy is a concern for companies with employees using ChatGPT’s web-based interface, as input data is used to train and improve the tool.

By Lindsey Wilkinson • April 11, 2023

How blockchain may improve job candidate credentialing efforts

Leading HR groups and staffing agencies are part of an initiative to make the sharing of prospective employees' background information more reliable and secure.

By Lisa Burden • April 10, 2023

Google misled about chat preservation, judge says

The company has been deliberately misleading because it said it couldn’t change its chat history settings when in fact it could, federal judge James Donato says.

By Robert Freedman • March 29, 2023

Top business leaders, board members urged to take cyber risk ownership

The government cannot solve challenges posed by rising threat activity without active participation and corporate oversight from the private sector, CISA’s director said.

By David Jones • March 28, 2023

Compliance is a growing priority for legal departments worldwide

Risk mitigation and cost control are other key strategic initiatives for in-house legal teams, a recent report found.

By Lyle Moran • March 27, 2023

Cybersecurity market confronts potential consequences of banking crisis

Bank seizures impose new challenges on vendors in every segment and may spur consolidation.

By Matt Kapko • March 21, 2023

SEC proposes cybersecurity disclosure rules for financial industry specialists

The changes would require broker-dealers and other entities to adopt written plans to minimize risk and promptly disclose major incidents.

By David Jones • March 17, 2023

Bank failure panic fuels moment of opportunity for threat actors

As regulators step in to operate Silicon Valley Bank, threat hunters and security executives warned organizations to look out for malicious activity.

By Matt Kapko • March 14, 2023

Threat actors can use ChatGPT, too. Here’s what businesses should watch

With ChatGPT’s help, threat actors can generate well-written messages in bulk that are targeted to individual victims.

By Lindsey Wilkinson • Feb. 23, 2023

Accessing worker’s personal emails may violate federal privacy laws, appeals court warns

Employers should have policies that prohibit employees from saving company information to their personal devices, said one security data attorney.

By Laurel Kalser • Feb. 21, 2023

Companies grapple with post-breach disclosure risks

The concerns leading organizations to withhold information are aplenty, including reputational damage and financial impacts.

By Matt Kapko • Feb. 21, 2023