The U.S. is cracking down on data sharing and export with foreign countries. A clear example of the United States’ position is seen in Executive Order 14117 (EO 14117) issued by President Biden on February 28, 2024.

Department of Justice (DOJ) seal

Titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern,” EO 14117’s main objective is simple – protect the sensitive personal data of individuals located in the United States. But, the reason for this Executive Order is more nuanced.Continue Reading Recent Executive Order and DOJ Rulemaking Prioritize the Protection of Sensitive Personal Data from “Countries of Concern”

To effectively guard against an enemy of any kind it’s important to know your enemy. This strategy is just as effective when fighting an online battle to protect your company’s data.

Before you can effectively defend against cyberattacks, it is important to educate yourself on potential threats and how to handle them. We invite you to join us on September 7 for part two of the Columbus Cybersecurity Series featuring FBI agent David Fine returns. During this portion of the
Continue Reading Real-Life Attacks On Business & What You Can Do To Deter A Cybercriminal – Event September 7

speedAll companies have employee, proprietary, financial and other sensitive data that require protection. Human error is still one of the most common causes of a data breach and that is very difficult, if not impossible, to completely eradicate.  Moreover, with the recent release of the Yates Memorandum from the Department of Justice (“DOJ”), the DOJ is emphasizing best practices when dealing with individuals in connection with corporate wrongdoing.  To quote my colleague, Jackie Bennett, “…now is the time to
Continue Reading Why Do You Need an Incident Response Plan?

The Department of Justice Cybersecurity Unit recently issued its “best practices” for cybersecurity incidents, while the SEC recently circulated a cybersecurity “guidance update.”  These publications recommend that companies institute certain policies and procedures for cybersecurity based on each agency’s experience in the area.

The agencies’ suggestions are good ones.  More importantly, like NIST’s Cybersecurity Framework, such recommendations may become de facto standards that regulators, courts, and juries look to when they assess whether your company’s
Continue Reading Regulatory Update: DOJ and SEC Issue Privacy and Cybersecurity Recommendations