On November 28, 2023, the New York Department of Financial Services announced that First American Title Insurance Company, the second-largest title insurance company in the United States, would pay a $1 million penalty for violations of the NYDFS Cybersecurity Regulation in connection with a 2019 data breach.
Continue Reading New York Department of Financial Services Reaches $1 Million Dollar Settlement With First American Title Insurance in Data Breach Investigation

On November 27, 2023, the UK government announced the first global guidelines to ensure the secure development of AI technology, which were developed by the UK National Cyber Security Centre and the U.S. Cybersecurity and Infrastructure Security Agency, in cooperation with industry experts and other international agencies and ministries.
Continue Reading UK and U.S. Develop Global Guidelines for AI Security

On November 23, 2023, the UK government’s National Cyber Security Centre and the Republic of Korea’s National Intelligence Service issued a joint advisory detailing techniques and tactics used by cyber actors linked to the Democratic People’s Republic of Korea that are carrying out software supply chain attacks.
Continue Reading UK and Republic of Korea Issue Warning about DPRK State-Linked Cyber Actors

Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty in connection with the company’s response to a data breach that occurred in February 2022.
Continue Reading Australian Privacy Regulator Sues in Data Breach Case

On October 30, 2023, the U.S. Securities and Exchange Commission announced charges against SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.
Continue Reading SEC Charges SolarWinds and SolarWinds’ CISO with Fraud and Internal Control Failures

On October 30, 2023, the G7 leaders announced they had reached agreement on a set of International Guiding Principles on Artificial Intelligence and a voluntary Code of Conduct for AI developers, pursuant to the Hiroshima AI Process.
Continue Reading G7 Leaders Agree on Guiding Principles and Code of Conduct on Artificial Intelligence