Legal

Legal | News, how-tos, features, reviews, and videos

joe sullivan
Feature

Former Uber CSO Joe Sullivan and lessons learned from the infamous 2016 Uber breach

Russian flag overlay / mobile phone / wireless signals / data
News

Russian national indicted for ransomware attacks against the US

laid off worker layoff resignation leaving job
Feature

The hidden security risks in tech layoffs and how to mitigate them

Layoffs can be tough for both companies and employees. When grappling with anger, fear, and uncertainty, it's hard for anyone to be at their best. Here are some strategies for avoiding negative outcomes during layoffs.

gavel / money
News

Blackbaud penalized $3M for not disclosing the full scope of ransomware attack

The company detected unauthorized access to its systems in May 2020 that impacted 13,000 customers.

Networking cables viewed through a magnifying lens reveal a data breach.
News

PayPal sued for negligence in data breach that affected 35,000 users

Alleged data breach victims have sued PayPal in federal court for failing to safeguard their personal data, and are asking for class-action certification.

Binary flag of the European Union viewed through a magnifying lens and showing a ripple effect.
News

EU parliamentary committee says 'no' to EU-US data privacy framework

Progress on ratifying the Trans-Atlantic Data Policy Framework hit a snag, as a parliamentary committee rejected a draft decision to adopt the pact, saying it did not comply with the EU's GDPR privacy regulations.

us flag surveillance
Opinion

What CISOs need to know about the renewal of FISA Section 702

Section 702 of the Foreign Intelligence Surveillance Act sets out the rules for the US intelligence community around gathering information abroad—but is it inadvertently being used at home too?

cyber investigation justice
Opinion

US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy

Corporations (and their CISOs) that discover wrongdoing or corruption within their own business are well-advised to self-report such activities and cooperate with prosecutors. The stakes are high for those who don’t.

gavel / abstract binary lines > court judgment / fine / penalty / settlement
Opinion

US Supreme Court leak investigation highlights weak and ineffective risk management strategy

The court’s inability to find out who leaked the draft decision and how they did it is a cautionary tale for CISOs about safeguarding sensitive information and intellectual property.

zuckerberg on stage
News

Meta hit with $413 million fine in EU for breaking GDPR rules

Regulatory wrangling results in a huge new fine over Facebook and Instagram data handling, even as Meta vows to appeal and EU data protection groups prepare for a court battle.

Lady Justice statue with scales, law books. [regulation / compliance / legal liability / fairness]
News

New York-barred attorneys required to complete cybersecurity, privacy, and data protection training

New requirements highlight lawyers’ technical competence duty to meet professional, ethical, and contractual obligations to safeguard client information.

News Analysis

Mondelez and Zurich’s NotPetya cyber-attack insurance settlement leaves behind no legal precedent

Mondelez International and Zurich American Insurance settled a keenly watched lawsuit over how cyberattack insurance applies to intrusions from nation states during wartime. A private agreement, its resolution sheds no light on how...

prisoner jail crime
News

Former Broadcom engineer gets eight months in prison for trade secrets theft

Peter Kisang Kim admitted to stealing Broadcom data related to its Trident family of network switching and cloud networking chipsets, while working for a Chinese startup.

instagram app login
News

Instagram faces $402 million fine for alleged mishandling of children’s data

Parent company Meta said that it plans to appeal the decision by the Irish Data Protection Commissioner, which is the second-largest, privacy-based fine on record.

Cover image for how much data does facebook use article
News

Facebook agrees to settle class action lawsuit related to Cambridge Analytica data breach

The four-year-old lawsuit claimed Facebook allowed the British political consulting firm access to private data of over 80 million users.

A binary map of china.
Feature

3 ways China's access to TikTok data is a security risk

The security community weighs in on real-world scenarios in which China or other nations could operationalize data collected by online platforms and how to mitigate the risk.

The shadow of hand unsettlingly hovers over a keyboard.
Opinion

China's cyber espionage focus: intellectual property theft

The recently uncovered Operation CuckooBees campaign shows how serious China is about using IP theft as a competitive advantage. Protect IP now or chase it later.

CSO: Have you met these hackers? [slide 04]
News Analysis

Chinese APT group Winnti stole trade secrets in years-long undetected campaign

The Operation CuckooBees campaign used zero-day exploits to compromise networks and leveraged Windows' Common Log File System to avoid detection.

lawsuit judge law court decision sued
Feature

Cybersecurity litigation risks: 4 top concerns for CISOs

Cybersecurity and data protection are expected to become top drivers of legal disputes. What litigation risks should CISOs be most concerned about and what can they do about it?

A man casts the shadow of an ominous hooded figure against a circuit-based wall.
Opinion

JHL Biotech's theft of Genentech data holds lessons for infosec

Genentech employees stole the company's data on behalf of JHL Biotech for years. What could they have done to spot the theft sooner?

Load More
You Might Also Like
Most Popular