We have been keeping a keen eye on the explosion of the use of artificial intelligence (AI) tools and generative AI. We are assisting clients with Governance Programs to formulate a process to evaluate the use of AI in their organizations, encourage safe and reliable use of AI tools by employees, evaluate appropriate uses of
Data Privacy + Security Insider
Blog Authors
Latest from Data Privacy + Security Insider
Google Workspace’s Privacy Policy Is Changing. Are You Ready?
Google’s Workspace for Education will require school admins to independently approve all integrated third-party applications students use. Users under 18 cannot use their Google accounts to access third-party applications without consent configured in user settings. Access will terminate automatically on October 1, 2023. Google Workspace for Education’s Terms of Service does not cover third-party applications…
Joint Advisory Warns of Snatch Ransomware
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch so organizations can identify, mitigate, and respond to an attack using the Snatch ransomware variant.
Snatch has been hitting the Defense Industrial Base (DIB),…
Privacy Tip #372 – Personal Preparedness for Massive Cyber-Attack
It is scary to think of cyber warfare and how it may affect us. But the reality is there, and we should be prepared. I was chatting with a colleague this morning who asked for the top two things to do to prepare for a massive cyber-attack. I started thinking about this when I was…
FAA Extends the Compliance Deadline for Remote ID Rule to March
This week the Federal Aviation Administration (FAA) announced that drone pilots who are unable to comply with the Remote ID Rule broadcast requirement will have until March 16, 2024, to equip their drone appropriately. If a drone pilot fails to comply with this requirement after this extended deadline, the pilot could be subject to fines…
Delaware Consumer Privacy Law Effective in 2025
This week, Delaware Governor John Carney signed the Delaware Personal Data Privacy Act into law. The bill goes into effect on January 1, 2025, and a public outreach effort will begin by July 1, 2024. The outreach effort will inform Delaware consumers of their rights under the new law and describe businesses’ obligations. Delaware is…
More BVLOS Drone Operations Approved by FAA
Two more companies will conduct drone operations beyond visual line of sight (BVLOS). Recently, the Federal Aviation Administration (FAA) approved UPS Flight Forward and uAvionix for this type of operation in national airspace. UPS Flight Forward plans to conduct BVLOS drone operations for small-package delivery using a ground-based surveillance system. UPS Flight Forward will conduct…
State Legislatures Eye AI Regulation
A growing number of states have enacted laws this year to study artificial intelligence (AI), ahead of possible legislative action to address expected threats to jobs, civil liberties, and property rights with the emerging technology. The specific goals of these committees have varied. For instance, Minnesota is studying how intelligence sharing with AI might enable…
AI and Audits: Proposed CCPA Regulations Up for Discussion
On September 8, 2023, the California Privacy Protection Agency (CPPA) will discuss the two new sets of proposed California Privacy Protection Act (CCPA) regulations. Here is a breakdown of the two new proposed regulations and issues up for discussion:
Auditing Requirements: If a business processes data that poses a “significant risk to consumers’ security” then…
CISA Alert: VMware Releases Security Update—Patch VMware Tools Now
VMware provides multi-cloud services, products, and solutions for its customers, including VMware Tools. On September 1, 2023, VMware released a security update for a vulnerability in VMware Tools. According to the Cybersecurity Infrastructure Security Agency (CISA), “A cyber threat actor can exploit this vulnerability to obtain sensitive information.”
In the alert, CISA “encourages users…