Lance Taubin

About Lance Taubin

Lance Taubin is a senior associate with Alston & Bird’s Privacy, Cyber & Data Strategy team. He advises clients on data privacy and cybersecurity compliance and enforcement, managing cyber risk, breach investigations, and response and transactional diligence.

[Read Bio]

FTC Announces Proposed Settlement with GoDaddy Incorporating Prescriptive Cybersecurity Requirements

January 21, 2025 By Kim Peretti, Lance Taubin and Carson Kuck

On January 15, 2025, the Federal Trade Commission (FTC) announced a proposed settlement with GoDaddy Inc. (GoDaddy) for making false or misleading representations about their security practices in violation of Section 5 of the FTC Act. GoDaddy, a website hosting company, serves approximately 5 million customers. In the complaint, the FTC indicated that although GoDaddy […]

Summary of Changes from DoD CMMC Proposed Rule to Final Rule

October 29, 2024 By Kim Peretti, Andrew Liebler, Lance Taubin and Andrew Rice

On October 11, 2024, the Department of Defense (“DoD”) issued its Final Program Rule for the Cybersecurity Maturity Model Certification (“CMMC”) Program. The Final Rule is a signal to federal contractors to develop compliance programs pertaining to CMMC in advance of the implementation of CMMC (likely next year). The CMMC program is designed to ensure […]

NYDFS Issues Guidance on Artificial Intelligence-related Cybersecurity Risks

October 17, 2024 By Kim Peretti, Kate Hanniford, Ashley Miller, Lance Taubin and Colton Jackson

On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued an industry letter covering Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Industry Letter”). The Industry Letter contains guidance for entities regulated by NYDFS (“Covered Entities”) in assessing and responding to cybersecurity risks related to the use […]

United States Cybersecurity and Infrastructure Security Agency Issues Joint International Guidance for Event Logging and Threat Detection

August 30, 2024 By Kim Peretti, Lance Taubin and Zain Haq

On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging and threat detection best practices. The guidance was published in response to the increased prevalence of threat actors employing Living of the Land (LOTL) […]

New York Attorney General Investigates Companies for Website Tags, Publishes Guidelines on Online Tracking Technologies

August 19, 2024 By Daniel Felz, Dorian Simmons, Lance Taubin, Rachel Lowe and Yin Tydir

On July 30, 2024, the New York Attorney General Letitia James announced she had completed an investigation into the tracking technology practices of popular websites, and used this to create website privacy guides on online tracking for New York businesses and consumers. These consist of a “Business Guide” and a “Consumer Guide.” The Business Guide […]