Data brokers who offered brokerage services in California in 2025 must register or re-register their status with the state’s data broker registry by Jan. 31, 2026.
In-scope companies that fail to do so may be liable for administrative fines or even reasonable expenses incurred by the CalPrivacy regulator in investigating and bringing an administrative action
Cybersecurity incidents pose a fundamental challenge: How do you reassure stakeholders while acknowledging that many facts remain unknown early in forensic investigations?
Continue Reading How to Reassure Stakeholders When Facts Are Still Unknown During Cyber Incidents
On Dec. 5, 2025, the German act implementing the EU NIS 2 Directive was published.
Continue Reading NIS2 in Germany: The New BSI Act Makes Cybersecurity a Board-Level Issue
The last remaining provisions of the amendments to the New York Department of Financial Services’ (DFS) cybersecurity regulation called Part 500 came into effect Nov. 1, 2025.
Continue Reading NYDFS Final Cybersecurity Rules – MFA, Asset Inventory, and Third-Party Risk
The German data protection supervisory authorities have released their take on international data transfers in medical research.
Continue Reading New DSK Guidelines Aim to Set the Standard for International Research Collaborations
Greenberg Traurig is a sponsor of the 2025 Privacy + Security Forum Fall Academy taking place from November 12 – 14, at George Washington University in Washington, D.C.
Continue Reading Nov. 12-14 EVENT | 2025 Privacy + Security Forum Fall Academy
On Oct. 28, 2025, please join Greenberg Traurig and leaders from its Chambers USA Band 1 Retail Industry Group and Privacy & Cybersecurity Practice, along with a legal director from Scott’s Company LLC, for a CLE exploring the evolving landscape of data privacy and security laws and their impact on in-house legal teams.
This expert
In September, DoD finalized the CMMC Program, along with the accompanying contract clauses, with an effective date of Nov. 10, 2025.
Continue Reading Preparing for a CMMC Audit: The System Security Plan
On Sept. 10, 2025, the Department Defense (DoD) issued a final rule amending the Defense Acquisition Regulation Supplement (DFARS) to implement the Cybersecurity Maturity Model Certification (CMMC) program for government contractors.
Continue Reading Recapping CMMC Level 3: Considerations for Government Contractors