Posts

Showing posts with the label Incident Response Plan

New Federal Cybersecurity Reporting Rules are on Their Way: FAQs for Businesses About CIRCIA Regulations

A sweeping new federal cybersecurity mandate is on its way, and now is the time for businesses to build the infrastructure you’ll need to comply. The Cybersecurity and Infrastructure Security Agency (CISA) is finalizing draft rules that will require a massive swath of American businesses to report certain cyber incidents, putting more structure and teeth behind the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). While the agency has been targeting May 2026 for the release of the final rule, recent federal appropriations disruptions could alter that timeline. But the core obligations are not expected to change from the draft rule, and businesses that wait for the ink to dry before preparing will be starting from behind. Here’s a set of FAQs to help you understand what’s about to happen and what you should do. What is CIRCIA, and why should my business care? CIRCIA was passed in 2022 as the federal government’s first comprehensive, cross-sector approach to mandatory cy...

Navigating Today’s Top Privacy and Data ‎Security Risks

The world of data privacy is changing rapidly, presenting significant challenges for business leaders. New laws are emerging, plaintiffs’ attorneys are finding creative ways to use old statutes, and cybercriminals are leveraging AI to launch sophisticated attacks. Staying ahead of the risks is crucial. This article breaks down the key insights from our recent webinar which covered the biggest threats businesses face and provided practical steps to protect your organization. What Are The Top Privacy And Security Risks? In 2026, business leaders will face three key challenges. 1. The Rising Tide of Website Litigation Plaintiffs’ counsel persistently target businesses of all sizes with demand letters, arbitration, and litigation around the use of common website tools and features. This year alone, hundreds of lawsuits and arbitration claims have been filed alleging that the use of third-party website tracking tools, like cookies and pixels, or features, like AI-powered chatbots, violate ...