Mar. 27, 2024
Mar. 27, 2024
Welcome to the GPT Store – and Its Three Million Security Uncertainties
OpenAI expanded its ecosystem in January 2024 with the launch of its new transformative GPT Store (Store) that allows subscribers to use and share custom chatbots. The standalone GPTs in the Store have capabilities for tasks like booking flights, summarizing a collection of PDFs or assisting negotiations – extending beyond the pre-loaded ChatGPT and DALL-E functions. In three months, the Store has attracted three million GPTs. This article examines the top security issues, including sizable third-party perils, of the Store and identifies key priorities for compliance professionals and company engineers for mitigating the risks of the new GPT app marketplace. It also suggests resources for cyber compliance professionals to monitor security concerns around large language models. See “Dos and Don’ts for Employee Use of Generative AI” (Dec. 6, 2023). Read full article …
Checklist Covering CSRB Recommendations on Five Areas for Strengthening Cyber Defenses
A report released by the Cyber Safety Review Board (CSRB) in 2023 (Report) framed five critical spheres for cybersecurity improvement based on weaknesses leveraged by Lapsus$ during attacks carried out in 2021 and 2022. Organizations can use this checklist derived from the Report, and incorporating related commentary from Manatt partner Paul H. Luehr, to strengthen measures in areas the Report highlighted, including identity and access management, building resilience, mitigating third-party risk, mitigating telecommunications vulnerabilities and addressing law enforcement challenges. For in-depth coverage on the Report, see our two-part series “CSRB Report on Lapsus$ Attacks”: Key Takeaways and Law Enforcement Cooperation (Sep. 20, 2023), and Moving Beyond MFA, Building Resilience and Mitigating Third-Party Threats (Sep. 27, 2023). Read full article …
SEC’s 2024 Regulatory Focus
The SEC remains aggressive on rules, exams and enforcement, but its pace of rulemaking has slowed somewhat due to legal challenges, said ACA Group (ACA) global advisory leader Carlo di Florio. This article synthesizes insights delivered by di Florio and his ACA colleagues during a firm program on top-of-mind regulatory issues for investment advisers and broker-dealers. The topics covered included AI, off-channel communications, cybersecurity, compliance technology, and environmental, social and governance investment. See “SEC Director Offers Clarification on New Cyber Disclosure Regime” (Jan. 3, 2024). Read full article …
Biometric Privacy Team Moves to Blank Rome
Three litigators focused on biometric privacy have joined Blank Rome in its Chicago office. Daniel Saeedi, who will co-lead the firm’s biometric privacy team, and Rachel Schaller arrive as partners, along with associate Gabrielle Ganze. The trio joins from Taft Stettinius & Hollister. For commentary from Blank Rome, see our two-part series on the shifting BIPA landscape: “Notable Trends and Developments” (Sep. 7, 2022), and “Avoiding Liability” (Sep. 14, 2022). Read full article …
Most-Read Articles
-
Feb. 21, 2024
Scraping Battles: Meta Loses Legal Effort to Halt Harvesting of Personal Profiles -
Feb. 21, 2024
Tracking Technologies: A 360‑Degree Governance Plan -
Mar. 6, 2024
Lessons From California’s DoorDash Enforcement Action -
Jan. 17, 2024
Tracking Technologies: Privacy Regulation, Enforcement and Risk -
Sep. 28, 2022
Lessons From California’s First CCPA Enforcement Action
Spotlight on Trailblazing Women
To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.
We Celebrate Data Privacy Day 2024
Read the full brief here.