Category Archives: Corporate Governance

Privilege Requires Precision: Sixth Circuit’s Reminder for Internal Investigations

In a recent decision, the Sixth Circuit offered a timely reminder for legal teams conducting internal investigations: attorney-client privilege is powerful—but only when used with precision. In In re FirstEnergy Corp., No. 24-3654, 2025 WL 1234567 (6th Cir. Aug. 7, 2025), the court examined whether FirstEnergy could shield communications related to its internal investigation into alleged misconduct. …

Continue reading “Privilege Requires Precision: Sixth Circuit’s Reminder for Internal Investigations”

The Importance of GC+CISO Relationships in Cybersecurity (a New Project)

In early June 2024, my friend David Malicoat graciously invited me to be a guest on The Professional CISO Show and, while I was incredibly honored, I was a bit hesitant as well. I had just begun working on a concept (partially inspired by my friend Dena DeNooyer Stroh, most immediately, but also by my …

Continue reading “The Importance of GC+CISO Relationships in Cybersecurity (a New Project)”

Texas Attorney General Launches Major AI, Data Privacy, and Security Initiative

FOR IMMEDIATE RELEASEJune 4, 2024www.texasattorneygeneral.govPRESS OFFICE: (512) 463-2050Communications@oag.texas.gov Attorney General Ken Paxton Launches Data Privacy and Security Initiative to Protect Texans’ Sensitive Data from Illegal Exploitation by Tech, AI, and Other Companies  AUSTIN – Texas Attorney General Ken Paxton has launched a major data privacy and security initiative, establishing a team that is focused on aggressive …

Continue reading “Texas Attorney General Launches Major AI, Data Privacy, and Security Initiative”

Counseling Clients on Managing the Risks of Artificial Intelligence – Texas Bar Journal

I would like to say a big ole Texas-sized “Thank You” to the Texas Bar Journal for publishing Legal Reasoning: Counseling Clients on Managing the Risks of Artificial Intelligence, in the May 2024 issue of the Journal. I wrote this article along with my colleague Kristen Petry, whose work was invaluable in the preparation of …

Continue reading “Counseling Clients on Managing the Risks of Artificial Intelligence – Texas Bar Journal”

DFW Area Security Peeps – Join me at SecureWorld Dallas on October 25th & 26th!

I am super excited to share that I will speaking at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld – Dallas! On Wednesday, October 25, 2023, I will be leading a full day workshop for SecureWorld Plus registrants on Real-World Cyber Risk Management and Resilience Planning …

Continue reading “DFW Area Security Peeps – Join me at SecureWorld Dallas on October 25th & 26th!”

Is the law evolving to hold individuals–specifically the CISO–responsible for companies’ cybersecurity failures?

Is the law evolving to hold individuals — specifically CISOs — responsible for companies’ cybersecurity failures? In my opinion, the answer is yes, albeit slowly and incrementally, but it certainly appears to be moving in that direction. Here are some of my thoughts on the SEC’s recently issuing a Wells Notice to SolarWinds’ executives — …

Continue reading “Is the law evolving to hold individuals–specifically the CISO–responsible for companies’ cybersecurity failures?”

A few quotes from my keynote at SecureWorld Boston

Following the outstanding SecureWorld Boston event, my friends at SecureWorld shared Highlights and Insights from SecureWorld Boston 2023 and were kind enough to include a few quotes from my lunch keynote — let me know what you think and please offer your perspective on these ideas: The final keynote session was given by Shawn Tuma, Co-Chair …

Continue reading “A few quotes from my keynote at SecureWorld Boston”

Join me and #EnterpriseUniversity for Real-World Cyber Risk Management and Resilience Planning on March 28, 2023!

On Tuesday, March 28, 2023, I will be teaching a class on Real-World Cyber Risk Management and Resilience Planning as part of #EnterpriseUniversity Enterprise Bank & Trust’s education program for business leaders and professionals! Join me for this course, and take a look at all of the live, virtual courses available at no cost to …

Continue reading “Join me and #EnterpriseUniversity for Real-World Cyber Risk Management and Resilience Planning on March 28, 2023!”

Boston Area Friends – Join me for the lunch keynote at SecureWorld Boston on March 23!

I am super excited to share that next week I will be headed to Boston to speak at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld! On Thursday, March 23, 2023, I will present the lunch keynote on Cybersecurity Really Is a Team Sport, since folks …

Continue reading “Boston Area Friends – Join me for the lunch keynote at SecureWorld Boston on March 23!”

Charlotte, NC Area Friends – Join me at SecureWorld Charlotte on March 1 & 2!

I am super excited to share that next week I will be headed to Charlotte, North Carolina to speak at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld! On Wednesday, March 1, 2023, I will be leading a full day workshop for SecureWorld Plus registrants on …

Continue reading “Charlotte, NC Area Friends – Join me at SecureWorld Charlotte on March 1 & 2!”