CISO members of the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) published a white paper to help cybersecurity leaders in retail and hospitality prepare for compliance with the California Consumer Privacy Act (CCPA).

Key recommendations from the white paper:

  • Consider contract language that prevents third-parties from selling personal information sold to them unless

Privacy compliance as a competitive differentiator: 97% of 3,200 companies surveyed say they are receiving auxiliary benefits today from their data privacy investments, beyond just meeting compliance requirements.

Benefits cited include:

  • greater agility and innovation
  • competitive advantage versus competition
  • operational efficiency
  • investor appeal
  • less costly data breaches
  • for companies that had undergone GDPR compliance work,

2019 presents businesses with new cybersecurity and privacy challenges: rapid advances in technology, sophisticated new cyberattacks and stricter privacy regulations here and around the world, just to name a few. Businesses that fail to plan risk significant financial and reputational damage.

Those at the front of the fight, but out of the headlines will:

  • Afford

Registration for the Privacy Summit is open.

Fox Rothschild’s Minneapolis Privacy Summit on November 8 will explore key cybersecurity issues and compliance questions facing company decision-makers. This free event will feature an impressive array of panelists drawn from cybersecurity leaders in major industries, experienced regulatory and compliance professionals and the Chief

On March 15, Fox Rothschild partner Scott Vernick will participate in a panel discussion on Developments in Data Privacy & Security as part of the 2017 Argyle Chief Legal Officer Leadership Forum. The Forum will take place from 8 a.m. to 5 p.m. at the Convene Conference Center at 730 3rd Ave in New York

The White House is building on recent laws addressing cybersecurity in the United States with the release of a new Cybersecurity National Action Plan (“CNAP”). The plan focuses on:

  • improving cybersecurity awareness and protections;
  • additional privacy and security protections for individuals through the creation of a permanent Federal Privacy Council;
  • maintenance of public safety, economic

This blog post is the fifth entry of a six series discussing the best practices relating to cyber security. The previous post discussed the important steps that a business should take to preserve evidence and information once a cyberattack has been identified. This post will discuss the individuals and organizations that should be notified once a cyberattack occurs. The four most important groups to contact are (1) individuals within the business, (2) law enforcement officials, (3) The Department of Homeland Security, and (4) other possible victims.
Continue Reading

This blog post is the third installment of a seven-part series discussing the best practices relating to cyber security. The first two blog posts discussed the best practices for preparing a business in case of a cyberattack. This post will discuss the initial steps that a business should take after a cyberattack occurs.
Continue Reading

This is the second installment in a seven-part discussion on the best practices to prevent a cyberattack. The first part discussed four critical steps to prepare a business in the case of a cyberattack. These included: (1) identifying the crucial assets and functions a business, (2) creating an Response Plan, (3) installing the appropriate technology, and (4) obtaining authority for network monitoring. This article builds on those steps by suggesting further best practices in order to prevent a cyberattack.
Continue Reading