Cyber Attacks Cybersecurity Framework

News & Analysis as of

FTC Round-Up: NIST Framework Compliance Is Not Enough and Looming Ransomware Enforcement Activity

On August 31st and September 7th, 2016, the Federal Trade Commission (FTC) provided guidance regarding cybersecurity standards, which companies should consider when assessing their current data security posture....more

White House Issues Presidential Directive Coordinating Government Response To “Cyber Incidents”

On July 26, 2016, President Obama issued a new Presidential Directive setting forth the framework for how the United States (US) federal government will respond to “cyber incidents,” whether involving government or private...more

Raytheon/Ponemon survey confirms companies wait until an event to hire a data security vendor

The results of a Raytheon commissioned Ponemon study released on June 7, 2016 shows that at least two-thirds of businesses wait until they have experienced a cyber-attack or data breach to hire and retain security vendors to...more

BIMCO issues cybersecurity guidelines for ships

Last week, BIMCO, along with other shipping organizations, “launched” guidelines “to help the global shipping industry prevent major safety, environmental and commercial issues that could result from a cyber incident on-board...more

Also In the News - Data, Privacy, & Security Practice Report - December 2015 #2

Harmonizing Cybersecurity And Trade Secret Protection – Many companies are investing heavily in cybersecurity and implementing a framework such as the Cybersecurity Framework from the National Institute of Standards and...more

Cybersecurity and resiliency: The Financial Sector’s “New Frontier”

“The Internet has a dark side,” Deputy Treasury Secretary Sarah Bloom Raskin remarked while addressing senior level banking executives at this year’s Clearing House Annual Conference. Raskin focused her comments on malicious...more

U.S., China Announce Cybersecurity Agreement During Xi Jiping’s Visit

Chinese President Xi Jinping made his first state visit to the United States last week, and his itinerary included meetings with U.S. technology company leaders as well as President Barack Obama. Not surprisingly, his hosts...more

Disclosure Of Numerous Hacks At The U.S. Department Of Energy Renews Cybersecurity Concerns In The Energy Sector

Records produced by the U.S. Department of Energy (“DOE”) to USA TODAY under a Freedom of Information Act request revealed over 150 successful cyber intrusions into DOE computer systems between 2010 and 2014. Concerns about...more

Cybersecurity as a Regulatory Issue: The NAIC Considers The Anthem Breach And Weighs a “Cybersecurity Bill of Rights”

The Cybersecurity Task Force of the National Association of Insurance Commissioners (the “NAIC”) met last month, as part of on the NAIC’s 2015 Summer National Meeting in Chicago. The Task Force focused on two issues: the...more

FTC Can Regulate Cybersecurity Practices, Third Circuit Rules

The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more

The Legal Lessons of Data Breaches

Every business would love to find a fortune teller to give it insight into what trends to follow, which risks to take, and when “exposure” will convert to liability. Some clients might say that, unfortunately, their lawyers...more

Federal Appeals Court Recognizes for the First Time the FTC’s Authority to Enforce Cybersecurity Practices

On August 24, 2015, the Third Circuit Court of Appeals issued a much-awaited decision in FTC v. Wyndham Worldwide Corporation, holding that the Federal Trade Commission (FTC) has authority to regulate “unfair” or “deceptive”...more

FFIEC Cybersecurity Assessment Tool: Not Just For Financial Institutions

On June 30, 2015, the Federal Financial Institutions Examination Council (FFIEC) released its long anticipated Cybersecurity Assessment Tool (press release here). The FFIEC is a formal interagency organization empowered to...more

Republican Senators Sought To Tie Cybersecurity Measure To Defense Bill

In the wake of the recent public disclosure of the massive breach into the Office of Personnel Management compromising the personal information of approximately 4 million individuals, Senators were hoping to tie a...more

Heartland Payment Systems suffers another data breach

Heartland Payment Systems suffered one of the largest breaches in history in 2008, when over 100 million credit and debit cards issued by hundreds of financial service companies were stolen from their payroll payment...more

United States And Japan Pledge Closer Cooperation In Cyber Defense Matters

On May 30, the United States-Japan Cyber Defense Policy Working Group (“CDPWG”) issued a joint statement outlining increased cooperation between the two countries in the cyber realm. The CDPWG was founded in October 2013 to...more

Patriot Act Reauthorization Debate Delays Cybersecurity Legislation

In This Issue: - Industry Liability Protections and Standards - Legislative Timeframe - Additional Notification Bill Expected - Conclusion - For More Information - Excerpt from Industry...more

Effective cybersecurity: 8 questions for you and your team

Cybersecurity has become a top-tier risk for US and multinational organizations. It is only a matter of time before a determined hacker will penetrate your organization’s system and successfully exfiltrate some data. (Indeed,...more

BSA Releases European Union Cybersecurity Dashboard

On March 3, BSA/The Software Alliance, a software industry advocacy group, released the EU Cybersecurity Dashboard: A Path to a Secure European Cyberspace (the “EU Dashboard”), an analysis of data security laws and policies...more

Solving the Legal Challenges of Trustworthy Online Identity

In this age of phishing, hacking, identity fraud, and other forms of cybercrime, answering two simple questions – “Who are you?” and “How can you prove it?” – is fast becoming a critical requirement for online business...more

The Government's Strategy to Combat the "Cyber Arms Race"

In the midst of ongoing, escalating and increasingly troublesome reports of large-scale corporate cyber breaches, the federal government is trying to fight back more forcefully with a dual strategy to shore up agency...more

SEC Cybersecurity Initiative: Five Steps ALL Broker-Dealers and Investment Advisers Should be Taking

Last week, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert announcing its Cybersecurity Initiative....more

With Cyberattacks on the Rise, White House Releases Cybersecurity Framework

Given the apparent vulnerabilities evidenced by recent cyberattacks to big-box retailers, cybersecurity remains a top priority for both the federal government and private sector. On February 12, the National Institute of...more

California Bill Would Create Cyber Security Commission

In recognition of the increasing threat that cyber-attacks pose to the state's infrastructure and the considerable costs that government and private sectors are estimated to spend on cyber security (more than $70 billion...more

APT Threat Report Shows Cybersecurity Risks Not Limited to Identity Theft

We often talk to companies who believe they are an unlikely target for hackers because they do not have financial account information, Social Security numbers, or medical information. However, personal information is not the...more

28 Results
View per page
Page: of 2
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.