News & Analysis as of

Cybersecurity Framework

Privacy Tip #109 – Cybersecurity Tips for Small (and all) Businesses

I travel around helping businesses, both large and small, work on assessing their cybersecurity risks and implement measures to protect data, reduce risk and comply with applicable state and federal laws. In doing so, it is...more

Cyber Winter is Here, and Coming to Regulation: The New York Rules and the Future of Cybersecurity Regulation

The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more

Global Privacy & Cybersecurity Update Vol. 15

by Jones Day on

UNITED STATES - Regulatory—Policy, Best Practices, and Standards - FTC Comments on Improvements to IoT Device Security - On June 19, the Federal Trade Commission ("FTC") submitted comments to a working group organized by the...more

NIST Updates Its Security and Privacy Guidance

by Reed Smith on

Earlier this month, the National Institute of Standards and Technology (“NIST”) issued its fifth and latest draft of its “Security and Privacy Controls for Information Systems and Organizations” guidance document. The NIST...more

New York DFS Cyber Rules Go Live: Here’s Your Roadmap

by Orrick - Trust Anchor on

August 28, 2017 marks the end of the initial 180-day grace period for compliance under the New York Department of Financial Services’ “first-in-the-nation” cybersecurity regulations (the “Rules”). The initial regulations...more

NIST Publishes Updated Cybersecurity Guidance and Guidance on Passwords

The National Institute of Science and Technology (NIST) has long been a leading authority in Cybersecurity—even before Cybersecurity became a household name. It originally published its Cybersecurity Framework-intended not...more

Analysis: Cyber-Monitoring: The Next Frontier

by Dickinson Wright on

Cybersecurity is “hot” and will stay “hot” for corporations, executives, regulators, law enforcement and legislators. Rarely is there a corporate compliance discussion in 2017 where cyber isn’t “the” topic or a material part...more

Deadline to Meet DFS Cyber Regulation Is Monday

Banks, insurance companies and other financial institutions have only a few days left to comply with the first wave of requirements under New York’s controversial new cybersecurity regulation....more

NYSDFS Upcoming Deadline Fast Approaching: First Key Date is August 28, 2017

by Shipman & Goodwin LLP on

On March 1, 2017, the New York State Department of Financial Services’ (“DFS”) first-in-nation Cybersecurity Regulations for the purpose of protecting consumers and financial institutions from cyber-attacks went into effect...more

NAIC Cybersecurity Working Group Votes to Approve Insurance Data Security Model Law

by Carlton Fields on

The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Working Group (Cybersecurity WG) approved Version 6 (Finalized) of its Insurance Data Security Model Law (Model) on August 7 at the NAIC Summer...more

DFS Cyber Regulation Countdown: Who Should Certify Compliance?

Companies subject to New York’s Department of Financial Services (DFS) new cybersecurity regulation should be preparing to comply with the first round of requirements by the upcoming August 28th deadline: enacting a...more

A Guide to NYDFS Cybersecurity Regulations’ August 28 Implementation Deadline

by Hogan Lovells on

As a follow-up to our previous reports (December 30, 2016 Alert; February 24, 2017 Alert) regarding the cybersecurity regulations issued by the New York State Department of Financial Services (NYDFS), we would like to remind...more

New Cybersecurity Rules for Colorado Investment Advisers and Broker-Dealers

by Snell & Wilmer on

Colorado has adopted new rules that add cybersecurity requirements for certain entities with Colorado securities licenses. The rules are from the regulatory agency the Division of Securities. It licenses securities...more

New Connecticut Insurance Department Bulletin on Data Security Requirements

by Polsinelli on

Connecticut Bulletin MC-23. The Connecticut Insurance Department issued Bulletin MC-23 on June 13, 2017. The Bulletin addresses certification and notice requirements for data security requirements applicable to TPAs and PBMs...more

New York’s New Cybersecurity Regulations and its Impact on your Sensitive Health Information

by Farrell Fritz, P.C. on

Effective March 1, 2017, the New York State Department of Financial Services promulgated regulations to help protect against cybercriminals and their efforts to exploit sensitive electronic data. These cybersecurity...more

Connecticut Releases Cybersecurity Strategy

On July 10, 2017, Connecticut Governor Dannel P. Malloy released Connecticut Cybersecurity Strategy, that outlines seven key principles to assist with strengthening efforts to protect the state’s cybersecurity defenses for...more

The Top Eight Things You Should Be Doing to Protect Your Business from Cyber Threats

by Burr & Forman on

Cyber threats take many forms. The wide-spread WannaCry ransomware attack in May of 2017 highlighted how computer files could be held hostage in return for payment, while the Dyn denial of service in October of 2016...more

Municipalities Under Connecticut's New Cybersecurity Strategy

by Murtha Cullina on

On July 10, 2017, Governor Dannel Malloy, along with Chief Information Officer Mark Raymond and Chief Cybersecurity Risk Officer Arthur House, released Connecticut’s initial Cybersecurity Strategy. The goal of the...more

National Association of Corporate Directors Updates Cyber-Risk Oversight Handbook

by Hogan Lovells on

Earlier this year, the National Association of Corporate Directors (NACD) released an updated version of its Director’s Handbook on Cyber-Risk Oversight (Handbook). The updates add 16 pages of content to the previously...more

NYDFS Updates FAQs to Clarify Cybersecurity Regulations

by Ballard Spahr LLP on

The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more

DFS Cyber Compliance Nightmare? Detailed survey results indicate compliance is far from reach

New York’s powerful Department of Financial Services (DFS) upended cybersecurity regulation with its new and sweeping “Cybersecurity Requirements for Financial Services Companies,” which took effect on March 1, 2017. But is...more

DFS Issues Additional Guidance for Cyber Regulation Compliance

New York’s Department of Financial Services (DFS) has issued additional guidance for compliance with the state’s sweeping cybersecurity regulation that went into effect earlier this year. Companies covered by the regulation...more

South Korea Joins APEC Cross-Border Privacy Rules System

by Hogan Lovells on

On Monday, June 12, South Korea became the latest country approved to officially join the Asia-Pacific Economic Cooperation’s (APEC) Cross-Border Privacy Rules (CBPR) system. It is the fifth APEC economy to participate in...more

NYS Cyber Regulation Countdown: Continuous Monitoring

In our series of posts leading up to the August 28th deadline for the first phase of requirements under New York’s cybersecurity regulation, the Patterson Belknap team looks at issues that institutions face as they implement...more

DFS Cyber Compliance Nightmare? New survey reports less than half of financial firms will meet deadline

A new survey by the Ponemon Institute reports that less than half of the financial institutions covered by New York’s sweeping new cybersecurity regulation say they will “likely” meet next February’s compliance deadline. And...more

267 Results
|
View per page
Page: of 11
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.