Cybersecurity Compliance

Cybersecurity is a term used to describe methods and systems for protecting sensitive information in the electronic sphere. As more financial, business, and personal information becomes exclusively maintained and... more +
Cybersecurity is a term used to describe methods and systems for protecting sensitive information in the electronic sphere. As more financial, business, and personal information becomes exclusively maintained and stored electronically, the risks of attacks, leaks, and disclosures become more pronouced. The concept of Cybersecurity encompasses a broad array of issues, including governmental regulations to ward off cyber terrorists, industry data collection and maintenance practices, and consumer advocacy to ensure the privacy of individuals' personal and medical information.     less -
News & Analysis as of

Cyber Risks For The Boardroom

The Recent Increase In Focus on Privacy Issues - Privacy issues have been the focus of many state efforts over the past few years. However, the SEC has increased their focus tremendously over the past few months (see...more

Payment Cards Security Standards Organization Publishes Third-Party Security Assurance Guidance

On August 7, the PCI Security Standards Council (PCI SSC), the open global forum responsible for setting payment security standards, published an information supplement titled “Third-Party Security Assurance Guidance,” which...more

PCI Security Standards Counsel: Recently Published Recommendations

The PCI Security Standards Council has recently published recommendations for ensuring that payment data and systems entrusted to third parties are maintained in a secure and compliant manner, in accordance with PCI-DSS...more

4 Cases Where Security Awareness Training Could Have Saved The Day

I’m very excited about our upcoming webinar, “Cybersecurity 2014: The Impact on Global Companies,” with Lisa Sotto. She is a well known data privacy rockstar and will provide an overview of cybersecurity in 2014, the current...more

A Legal Guide to Privacy and Data Security

A Legal Guide to Privacy and Data Security, a new book offering guidance on a wide variety of privacy and data security laws and how those laws may impact your business, is now available from the Minnesota Department of...more

FCPA Compliance and Ethics Report-Episode 72-interview with Michael Rasmussen [Video]

In this episode of the FCPA Compliance and Ethics Report, I interview Michael Rasmussen, the GRC Pundit. As the man who coined the phrase 'GRC' Michael is one of the country's top GRC experts. He talks about the recent OCEG...more

Anti-Bribery and Corruption Compliance Practices

Compliance Week published its 2014 Anti-Bribery and Corruption Benchmarking Report, a survey of over 180 executives involved in ethics and FCPA compliance and internal audit. The Survey focused on risk, dealing with third...more

What Are the Regulators Thinking?

Recently the New England Chapter of the National Association of Corporate Directors presented a distinguished panel of current and former securities regulators discussing enforcement and governance issues facing boards of...more

Boards of Directors Charged with Cybersecurity Risk Management by SEC Commissioner

Last week, SEC Commissioner Luis Aguilar outlined expectations for directors of public companies to manage cybersecurity risk. If you think it is enough that a board of directors reviews annual budgets for privacy and IT...more

Security Breach Notification Chart - Revised June 2014

Perkins Coie's Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in...more

SEC Commissioner Calls on Corporate Boards to Address Cybersecurity—Refers to NIST Cyber Framework as “the Bible”

While attending the "Cyber Risks and the Boardroom" Conference at the New York Stock Exchange on Tuesday, June 10, 2014, U.S. Securities and Exchange Commissioner Luis Aguilar called on corporate boards to make sure they are...more

SEC Requires Greater Disclosure of Cyber Events

Cyber is still a relatively young risk and the various stakeholders in cyber-risk are at times, still trying to determine their particular role. This includes the officers and/or directors of companies for establishing...more

SEC Establishes Cybersecurity Initiative for Broker-Dealers and Investment Advisers

On April 15, 2014, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) released a National Exam Priority Risk Alert announcing its initiative to evaluate cybersecurity...more

Will the Cybersecurity Framework Create a New Standard Operating Procedure for Businesses?

On February 12, 2013, President Barack Obama issued Executive Order 13636 (EO 13636) entitled “Improving Critical Infrastructure Cybersecurity.”EO 13636 noted the importance of cybersecurity for the nation’s security and...more

Ignoring XP End Of Life May Make Your Company An Attractive Target

On April 8, Microsoft officially ended all support and ceased providing updates for their Windows XP operating system. This “end of life” (EOL) announcement is not uncommon with software platforms, where continued support of...more

SEC Takes Proactive Approach to Cybersecurity

Last month, the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) formally announced its cybersecurity initiative in a Risk Alert. The initiative followed up on OCIE’s...more

Business News Digest – April 2014

In this issue: - Cybersecurity Assessments – Using the Tool Well - A SOX in the Gut: Supreme Court Vastly Expands Workplace "Whistleblower" Law - SEC to Scrutinize Never-Examined Investment...more

HHS's New Security Risk Tool for HIPAA Compliance

On March 28, 2014, the HHS Office of the National Coordinator for Health Information Technology (ONC), in conjunction with the HHS Office for Civil Rights (OCR), released a Security Risk Assessment tool (SRA tool) to assist...more

Privacy And Data Security For Life Sciences And Health Care Companies

Pepper Hamilton Health Care-Life Sciences Webinar - The explosion of mobile technology and Web applications linking patients with doctors, pharmacies and medical devices is undergoing scrutiny by the FDA, FTC, HHS and...more

FINRA Conducting Cyber-Security Sweep Exam

Reacting in part to recent data-breaches and cyber-attacks on larger retailers, the Financial Industry Regulatory Authority (“FINRA”) is conducting a targeted examination of some 20 broker-dealer member firms’ compliance and...more

Executive Branch acts on cybersecurity - what you need to know about this groundbreaking effort

Yesterday, the White House released the National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity, which is a key step in the implementation of Executive Order 13636 on...more

SEC Examiners to Take a Close Look at Firms’ Cyber Security

A high-level SEC official told an industry group yesterday that the National Examination Program (NEP) will be reviewing asset managers’ policies and procedures for preventing cyber attacks. In particular, the SEC is looking...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

Cybersecurity and the duty of care: a top 10 checklist for board members

Visibility on information security, including cybersecurity as well as physical security aspects, is increasingly permeating corporate life. The relatively new SEC requirements for public disclosure of cybersecurity...more

Accretive Health Data Breach Leads To Twenty-Year Settlement With The FTC

On December 31, 2013, the Federal Trade Commission ("FTC") announced that Accretive Health, Inc., ("Accretive") agreed to settle charges that the company's inadequate data security measures exposed sensitive consumer...more

47 Results
|
View per page
Page: of 2