Cybersecurity Framework

News & Analysis as of

NY DFS Proposes New Cybersecurity Regulations for Financial Institutions

The New York Department of Financial Services (NYDFS) has distributed a letter to various federal and state regulatory agencies and associations proposing the development of new cybersecurity regulations for financial...more

UK and US carry out cyber-testing exercise

The UK and US Governments have carried out a joint exercise with leading global financial firms to enhance cooperation...more

Threat Intelligence Tools Help Defend Networks

Threat intelligence services provide information about the identities, motivations, characteristics, and methods of attackers. See Rob McMillan, Khushbu Pratap, “Market Guide for Security Threat Intelligence Services,” 3,...more

FERC, Congress Take Aim at Cybersecurity Risks in the Electric Utility Sector

In light of the potentially devastating economic losses that could result from a cybersecurity attack causing widespread power outages as well as continued concerns about the vulnerability of the nation's electric utility...more

NY DFS Signals a Detailed Framework for Cybersecurity Compliance

On November 9, 2015, the New York State Department of Financial Services (“DFS”) sent a letter to a number of state and federal financial regulators signaling that DFS may issue comprehensive cybersecurity regulations for...more

Recent Government Cyber Alert and Draft Guide for Financial Institutions: Lessons for All Organizations

All organizations, including financial institutions, continue to face significant security threats across their wide ranging IT systems. Such organizations are particularly vulnerable if they cannot track networked devices...more

What the Recent NAIC Financial Condition Examiners Handbook Changes Mean for Insurers

On September 21, 2015, the National Association of Insurance Commissioners (NAIC) IT Examination Working Group adopted amendments to the IT section of the Financial Condition Examiners Handbook (“the Handbook”). The changes...more

FTC Releases Agenda for Start with Security Conference

On October 14, the FTC announced the agenda for its Start with Security conference, scheduled to take place on November 5 in Austin, TX. The conference is intended to provide companies, particularly start-ups and developers,...more

U.S., China Announce Cybersecurity Agreement During Xi Jiping’s Visit

Chinese President Xi Jinping made his first state visit to the United States last week, and his itinerary included meetings with U.S. technology company leaders as well as President Barack Obama. Not surprisingly, his hosts...more

Disclosure Of Numerous Hacks At The U.S. Department Of Energy Renews Cybersecurity Concerns In The Energy Sector

Records produced by the U.S. Department of Energy (“DOE”) to USA TODAY under a Freedom of Information Act request revealed over 150 successful cyber intrusions into DOE computer systems between 2010 and 2014. Concerns about...more

Cybersecurity as a Regulatory Issue: The NAIC Considers The Anthem Breach And Weighs a “Cybersecurity Bill of Rights”

The Cybersecurity Task Force of the National Association of Insurance Commissioners (the “NAIC”) met last month, as part of on the NAIC’s 2015 Summer National Meeting in Chicago. The Task Force focused on two issues: the...more

FTC Can Regulate Cybersecurity Practices, Third Circuit Rules

The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more

The Legal Lessons of Data Breaches

Every business would love to find a fortune teller to give it insight into what trends to follow, which risks to take, and when “exposure” will convert to liability. Some clients might say that, unfortunately, their lawyers...more

Security Frameworks 101: Which is Right for my Organization?

These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that their security profile is adequate. It can certainly help to...more

Federal Appeals Court Recognizes for the First Time the FTC’s Authority to Enforce Cybersecurity Practices

On August 24, 2015, the Third Circuit Court of Appeals issued a much-awaited decision in FTC v. Wyndham Worldwide Corporation, holding that the Federal Trade Commission (FTC) has authority to regulate “unfair” or “deceptive”...more

NIST Publishes Cybersecurity Standards Objectives

The National Institute of Standards and Technology has published a draft of its objectives for cybersecurity standardization, following in many ways the consultative model that it used successfully in drafting the NIST...more

Intellectual Property Newsletter - July - August 2015

Protecting Trade Secrets in the Era of the Data Breach - The prevalence of data breaches cannot be ignored. New data breaches continue to occur one after an-other. In the first half of 2015 alone there were reports of...more

How to Assess and Improve Your Corporate Cyber Security Infrastructure

It's no secret that data breach is becoming more and more common as sophisticated hackers penetrate corporate and governmental networks at what seems to be a breakneck pace. No business or institution with an internet...more

FFIEC Cybersecurity Assessment Tool: Not Just For Financial Institutions

On June 30, 2015, the Federal Financial Institutions Examination Council (FFIEC) released its long anticipated Cybersecurity Assessment Tool (press release here). The FFIEC is a formal interagency organization empowered to...more

FFIEC’s Cybersecurity Assessment Tool: Guidance for CEOs and Boards - Senior Management and Boards Should Be Actively Addressing...

The Federal Financial Institutions Examination Council (FFIEC) released a Cybersecurity Assessment Tool (CAT) on June 30, 2015, to assist organizations in identifying cyber risks and assessing their cybersecurity...more

FFIEC’s Cybersecurity Assessment Tool: Guidance for CEOs and Boards - Senior Management and Boards Should Be Actively Addressing...

The Federal Financial Institutions Examination Council (FFIEC) released a Cybersecurity Assessment Tool (CAT) on June 30, 2015, to assist organizations in identifying cyber risks and assessing their cybersecurity...more

Republican Senators Sought To Tie Cybersecurity Measure To Defense Bill

In the wake of the recent public disclosure of the massive breach into the Office of Personnel Management compromising the personal information of approximately 4 million individuals, Senators were hoping to tie a...more

Heartland Payment Systems suffers another data breach

Heartland Payment Systems suffered one of the largest breaches in history in 2008, when over 100 million credit and debit cards issued by hundreds of financial service companies were stolen from their payroll payment...more

United States And Japan Pledge Closer Cooperation In Cyber Defense Matters

On May 30, the United States-Japan Cyber Defense Policy Working Group (“CDPWG”) issued a joint statement outlining increased cooperation between the two countries in the cyber realm. The CDPWG was founded in October 2013 to...more

Congressional Action Supports Improvement of Cybersecurity for Critical Infrastructure and Beyond

None of us in the United States – no family or individual, no industry or business, and no government agency – is immune from the potential devastation that cyber-attacks can wreak. No particular reminder is needed. Each day,...more

155 Results
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.