Privacy & Data Security

Current information security and risk mitigation approaches are ineffective, and this failure is nowhere more apparent than in critical supply chains – defense, energy, health services, and other key industries. The source of much of the persistent failure to secure supply chains and the success of hackers compromising these vital arteries of commerce is that most organizations do not recognize all of

2021 was a challenging year in cybersecurity, and there’s no reason to believe that this will end.  As we approach 2022, all businesses large and small need to address some basic issues that impact the security of their systems. and their customers?

  • Vendors. No company stands alone – they depend on a multitude of vendors and third parties to operate. 

The Challenge
Complying with the ever-increasing number of privacy laws is a daunting task. In addition to comprehensive state laws, like California’s Consumer Privacy Act (CCPA), Virginia’s Consumer Data Protection Act and the Colorado Privacy Act, there are a multitude of targeted laws on the federal and state level. Other laws to consider include the EU’s General Data Protection Regulation

Bob Braun was recently quoted in an article distributed by the National Institute of Standards and Technology (NIST), evaluating the organization’s recent publication of a three-part guide to securing guest and credit card data at hotels. “This publication analyzes and addresses the challenges common to almost all hotels in creating secure data systems,” he said. “Hotels would be well-advised to

The California Attorney General’s Office has finalized additional regulations implementing the California Consumer Privacy Act of 2018 (the CCPA). The new regulations, found here, are the most recent in a series of regulations that build on the rules last adopted in August 2020. The new regulations have a number of developments that companies doing business in California need to consider:

Just as we were getting used to the California Consumer Privacy Act of 2018 (the “CCPA”), Californians voted to approve Proposition 24, the California Privacy Rights Enforcement Act of 2020 (the “CPRA”). For now, the CCPA is still with us – the CPRA becomes effective on January 1, 2023 – but companies that do business in California need to address

LOS ANGELES—Jeffer Mangels Butler & Mitchell LLP (JMBM) is pleased to announce that Michael A. Gold, co-chair of JMBM’s Cybersecurity & Privacy Group, has been recognized by the Daily Journal as one of California’s Top Cyber Lawyers.
As reported by the Daily Journal, his clients include companies that operate within large and complex data environments, particularly those with international operations

Many races and initiatives that California voters considered on November 3 are still undecided, but Proposition 24, the California Privacy Rights Act of 2020 (the “CPRA”) isn’t one of them. The California electorate approved Proposition 24 by a comfortable margin – 56% of Californians voted in favor.
Like its predecessor the California Consumer Privacy Act of 2018 (the “CCPA”), the

Are your cybersecurity management practices reasonable? Do you know your risk tolerance? Are you covering all the cybersecurity bases that make up reasonable cybersecurity?
The California Consumer Privacy Act (CCPA) and other emerging laws require organizations to have “reasonable cybersecurity practices.” The challenge is that there is no accepted definition of exactly what “reasonable” means.
Addressing this challenge, Robert Braun,