Daniel Pepper

Subscribe to all posts by Daniel Pepper

Is China’s Personal Information Protection Law Contributing to the Global Supply Chain Snafu?

Photo of Daniel PepperBy Daniel Pepper on Posted in Data Privacy
Less than a month after China’s Personal Information Protection Law (PIPL) took effect, ships in Chinese waters began disappearing from industry tracking systems. While the PIPL governs the collection and cross-border transfer of personal information, which is broadly defined as information related to an identified or identifiable natural person that is recorded electronically or by … Continue Reading

China Issues Draft Measures on Security Assessment of Cross-Border Data Transfer

Photo of Daniel PepperBy Daniel Pepper on Posted in Cybersecurity, Information Governance
On Oct. 29, 2021, the Cyberspace Administration of China (CAC) published the “Draft Measures on Security Assessment of Cross-Border Data Transfer” (Draft Measures) for comment through Nov. 28. The Draft Measures follow and are based on China’s Cybersecurity Law (CSL), Data Security Law (DSL), Personal Information Protection Law (PIPL) and related regulations. These measures appear … Continue Reading

The New IoT Cybersecurity Act Is Here

Photo of Daniel PepperPhoto of Adam CohenBy Daniel Pepper and Adam Cohen on Posted in Internet of Things
Background Growing awareness regarding cybersecurity concerns with the Internet of Things (IoT) has achieved a milestone with the promulgation of the IoT Cybersecurity Improvement Act (the Act), which was signed into law by President Donald Trump on December 4, 2020. The Act requires the development, adoption and implementation of security standards for IoT devices by … Continue Reading

Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties (Part 3)

Photo of Daniel PepperBy Daniel Pepper on Posted in Risk Assessments
Part 1 Part 2 This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit … Continue Reading

Steps to Develop a Mature Third-Party Risk Management Program with High-Risk Third Parties (Part 2)

Photo of Daniel PepperBy Daniel Pepper on Posted in Risk Assessments
This blog is the second in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit incident response procedures. While … Continue Reading

Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties

Photo of Daniel PepperBy Daniel Pepper on Posted in Risk Assessments
This blog is the first in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit incident response procedures. While … Continue Reading

Just When You Thought It Was Safe to Go Back into the Water – CCPA 2, the Sequel

Photo of Daniel PepperBy Alan L. Friel and Daniel Pepper on Posted in CCPA
If you’ve been feeling encouraged about your company’s preparation for the California Consumer Privacy Act’s (CCPA) launch on January 1, 2020, you may not want to breathe a sigh of relief just yet. Alastair Mactaggart, the founder and board chair of Californians for Consumer Privacy (one of the coauthors of the CCPA), is hoping that … Continue Reading
LexBlog