Alston & Bird Privacy, Cyber & Data Strategy Blog

Lance Taubin

Avatar photo

About Lance Taubin

Lance Taubin is a senior associate with Alston & Bird’s Privacy, Cyber & Data Strategy team. He advises clients on data privacy and cybersecurity compliance and enforcement, managing cyber risk, breach investigations, and response and transactional diligence.

[Read Bio]

DOJ Settles False Claims Act Case with MORSECORP Over Cybersecurity Program

By , , and

On March 26, 2025, the United States Department of Justice (DOJ) announced that it had reached an agreement with MORSECORP Inc. (MORSE) to settle alleged violations of the False Claims Act (FCA), specifically regarding MORSE’s cybersecurity program.  The DOJ and MORSE—a government contractor that provides services to both the Departments of the Army and Air […]

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect Today

By , , , and

Today, on May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take effect.  Although the Second Amendment was originally adopted in November of 2023, NYDFS established a multi-year rollout of the Second Amendment’s requirements, […]

FTC Announces Proposed Settlement with GoDaddy Incorporating Prescriptive Cybersecurity Requirements

By , and

On January 15, 2025, the Federal Trade Commission (FTC) announced a proposed settlement with GoDaddy Inc. (GoDaddy) for making false or misleading representations about their security practices in violation of Section 5 of the FTC Act. GoDaddy, a website hosting company, serves approximately 5 million customers. In the complaint, the FTC indicated that although GoDaddy […]

Summary of Changes from DoD CMMC Proposed Rule to Final Rule

By , , and

On October 11, 2024, the Department of Defense (“DoD”) issued its Final Program Rule for the Cybersecurity Maturity Model Certification (“CMMC”) Program. The Final Rule is a signal to federal contractors to develop compliance programs pertaining to CMMC in advance of the implementation of CMMC (likely next year). The CMMC program is designed to ensure […]

NYDFS Issues Guidance on Artificial Intelligence-related Cybersecurity Risks

By , , , and

On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued an industry letter covering Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Industry Letter”).  The Industry Letter contains guidance for entities regulated by NYDFS (“Covered Entities”) in assessing and responding to cybersecurity risks related to the use […]