Alston & Bird Privacy, Cyber & Data Strategy Blog

Connecticut Proposes Mandatory Forensic Investigation and Reporting for Large Scale Data Breaches

March 31, 2026 By Kim Peretti and Alysa Austin

Connecticut lawmakers have introduced legislation that, if enacted, would significantly expand breach-response obligations for organizations affected by large-scale cybersecurity incidents. As proposed, Raised Senate Bill 117 (SB 117), would create a new category of “massive” data breaches and impose mandatory forensic investigation and reporting requirements that go well beyond Connecticut’s existing breach notification framework. What Is a “Massive” Breach? Under the proposal, a “massive … [Read more] about Connecticut Proposes Mandatory Forensic Investigation and Reporting for Large Scale Data Breaches

CISA Warns Organizations to Harden Endpoint Management Systems Following Cyberattack on Stryker Corporation

March 31, 2026 By Kim Peretti and Andrew Rice

On March 18, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert (the Alert) urging U.S. organizations to harden their endpoint management systems following the March 11, 2026 cyberattack against medical technology firm … [Read more] about CISA Warns Organizations to Harden Endpoint Management Systems Following Cyberattack on Stryker Corporation

The Trump Administration’s AI Framework: Key Federal Policy Priorities and Legislative Recommendations

March 27, 2026 By Daniel Felz, Cynthia Cole and John Lesko

On March 20, 2026, the Trump Administration released its National Policy Framework for Artificial Intelligence (“AI Framework”), a legislative recommendation document intended to guide Congress in establishing a unified federal approach to artificial … [Read more] about The Trump Administration’s AI Framework: Key Federal Policy Priorities and Legislative Recommendations

EU Privacy Regulators Weigh in on the Proposed EU Biotech Act: Key Takeaways for Life Sciences Companies

March 27, 2026 By Alice Portnoy and Wim Nauwelaerts

On March 10, 2026, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a joint opinion on the European Commission’s proposed EU Biotech Act - a forthcoming legislative framework expected to materially … [Read more] about EU Privacy Regulators Weigh in on the Proposed EU Biotech Act: Key Takeaways for Life Sciences Companies

A New U.S. Cyber Strategy: President Trump’s Cyber Strategy for America

March 25, 2026 By Hanna Hewitt and Kim Peretti

A newly released U.S. government cyber strategy (available here) outlines a more assertive and coordinated national posture toward cybersecurity. The strategy acknowledges that cyberspace is central to economic security, national defense, and … [Read more] about A New U.S. Cyber Strategy: President Trump’s Cyber Strategy for America