Cyber Threats

News & Analysis as of

U.S., China Announce Cybersecurity Agreement During Xi Jiping’s Visit

Chinese President Xi Jinping made his first state visit to the United States last week, and his itinerary included meetings with U.S. technology company leaders as well as President Barack Obama. Not surprisingly, his hosts...more

A Compilation of Enforcement and Non-Enforcement Actions

Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

Project CAMERASHY Details Cyberespionage By China’s Military

In a story reminiscent of a Tom Clancy plot, the Wall Street Journal reported last Thursday on “meticulously documented” cyberespionage conducted by China’s People’s Liberation Army (“PLA”) Unit 78020 to further strategic...more

US-China Cyber Deal Big on Promises, Short on Action

In the aftermath of recent cyberattacks attributed to China’s government and citizens, many observers prepared for a rather uncomfortable state visit by Chinese President Xi Jinping last week. Then, as President Xi began his...more

The Legal Lessons of Data Breaches

Every business would love to find a fortune teller to give it insight into what trends to follow, which risks to take, and when “exposure” will convert to liability. Some clients might say that, unfortunately, their lawyers...more

Who is Stealing Your Trade Secrets? An Overview of Key Threats

Every company has trade secrets – for some, they may be special manufacturing processes, for other organizations, trade secrets could include product formulae, customer lists, software code or marketing strategies. The more...more

The SEC Charges Investment Adviser with Violating Regulation S-P by Failing to Adopt Cybersecurity Policies and Procedures

In recent years, the SEC has been focused on cybersecurity. It has issued risk alerts, conducted examinations and provided guidance about what the agency sees as widespread weaknesses in many policies and procedures to...more

SEC Announces Cybersecurity Enforcement Action

On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more

SEC Releases First Cybersecurity Enforcement Action for Failure to Protect Client Data

The SEC’s focus in the action was not on the manner of the firm’s responses to the breach or whether there was any actual harm, but predominantly on the adequacy of the firm’s written policies for safeguarding customer...more

SEC Charges Investment Adviser with Cybersecurity Violations

The SEC recently commenced a settled enforcement action against an investment adviser, R.T. Jones Capital Equities Management, Inc., for cybersecurity matters. Press reports indicate this is the first such case of its kind. ...more

Checking In on Sanctions Enforcement

The Department of Treasury’s Office of Foreign Asset Control continues to ramp up sanctions enforcement. Even with the likely relaxation of the Iran and Cuba sanctions, OFAC has been continuing its aggressive enforcement...more

European Parliament publishes its proposals for the security of the EU

On 9 July 2015 the European Parliament published its European agenda on security, setting out the current situation of security in the European Union before identifying three key areas upon which efforts should be focused:...more

Unprecedented Hacking and Trading Scheme Highlights Key Cybersecurity Lessons

On Aug. 11, 2015, federal prosecutors in the District of New Jersey and the Eastern District of New York unsealed indictments against nine individuals in the U.S. and Ukraine who were allegedly involved in a five-year,...more

SEC Provides Additional Information On Cybersecurity Examinations

On September 15, 2015, the Security and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert to provide additional information on the areas of focus for its second round of...more

OCIE’s 2015 Cybersecurity Examination Initiative

Second Round of Cybersecurity Examinations to Begin - On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing a...more

Recent Enforcement Shows the Importance of Encrypting Mobile Devices Containing Protected Health Information

With headlines every day announcing another release of Protected Health Information (PHI), providers are asking themselves – is there a way to protect against these breaches? Beyond improving the security of large...more

Ashley Madison Breach Another Warning To Companies

Add dating website Ashley Madison to the list of large companies like Target, Home Depot and Michael’s that have had customer information stolen by hackers. Published reports say Ashley Madison is now facing multiple lawsuits...more

Disclosure Of Numerous Hacks At The U.S. Department Of Energy Renews Cybersecurity Concerns In The Energy Sector

Records produced by the U.S. Department of Energy (“DOE”) to USA TODAY under a Freedom of Information Act request revealed over 150 successful cyber intrusions into DOE computer systems between 2010 and 2014. Concerns about...more

SEC to Conduct Second Round of Cybersecurity Examinations

On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing its second round of examinations of registered investment...more

Cybersecurity, Round 2: OCIE Announces Areas of Focus for Cybersecurity Examinations

On September 15, 2015, OCIE issued a risk alert relating to its new cybersecurity examination initiative. This is the second round of these examinations, and the alert provides a detailed look at OCIE’s current areas of...more

How to Avoid and Respond to a Cybersecurity Breach

In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more

Data Breach Response Planning: Laying the Right Foundation

Part of Bradley Arant’s Privacy and Information Security Team’s seven-part Data Breach Toolkit Webinar Series, the “Data Breach Response Planning: Laying the Right Foundation” webinar, led by Paige Boshell and Amy Leopard,...more

Pennsylvania Regulator Addresses Cybersecurity

On September 8, Pennsylvania Department of Banking and Securities’ Secretary Robin Wiessmann issued a letter to Pennsylvania state-chartered, licensed, and registered financial services institutions and companies regarding...more

Academic Institutions Are Under Cyber Attack

Academia’s cyber preparedness (or lack thereof) has received less media attention than that of certain retailers and financial institutions, but nonetheless the cyber risks confronting universities are pervasive and alarming....more

150 Results
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.