October 13, 2023 | New York Law Journal
Mind the Gaps: Why Data Privacy and Cybersecurity Risk Management Are Essential for Private Equity CompaniesThis article addresses how private equity companies need to understand and proactively manage the privacy and security practices of their portfolio companies to maximize the value of their investments.
By Catherine Castaldo and Anthony Diana
7 minute read
March 21, 2023 | New York Law Journal
Growth In the C-Suite? More Effective Legal Guidance for Data and TechnologyMost organizations have struggled to properly address the challenges with governance of technology and data, particularly with legal and regulatory risks, including cyber-security. Creating a General Counsel Office for the IT department who would be responsible for managing all legal and regulatory risks associated with technology and data, would go a long way to help solve this problem.
By Catherine Castaldo, Anthony Diana and Lauren Weaver
7 minute read
June 23, 2022 | Legaltech News
Under Shared Responsibility Cloud Model, Data Owners Retain Control of Access and DataFrom a legal perspective, the cloud introduces a unique shared responsibility model that many businesses are only now coming to appreciate; specifically, although the cloud provider may house the data and provide functionality for access and data security controls, the legal obligations remain the responsibility of the business procuring these services.
By Catherine Castaldo, Therese Craparo and Christine Gartland, Reed Smith
9 minute read
May 06, 2022 | New York Law Journal
Data Security and Control in the Cloud: Third-Party Cloud Providers and the Shared Responsibility ModelAlthough it appears relatively seamless (and perhaps beneficial) to the end user, the shift to the cloud brings a seismic change for ownership of the technology components and ultimate control of data.
By Catherine Castaldo, Therese Craparo and Christine Gartland
9 minute read
May 07, 2021 | New York Law Journal
Insecurity: Unregulated IOT and the Verkada Data BreachIf the unregulated, unsecured nature of many IoT devices remains industry standard practice, it is a near guarantee that breaches like the Verkada breach will become even more frequent, and likely more severe than they already are.
By Catherine Castaldo, Trevor Satnick and Kile Marks
8 minute read
Trending Stories