Data Protection Cybersecurity

News & Analysis as of

Data Security for Employers: An Update

Employers store, manage, and share sensitive data about employees. The Navigator and other commentators have written a lot about issues related to personally identifiable information, health-related data, and employee...more

New FTC Data Breach Response Guidelines

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

There’s No Flying Under the Radar: Why Small Businesses Should Get Smart About Information Security

The latest publication by the National Institute of Standards and Technology (NIST), entitled “Small Business Information Security: The Fundamentals,” aims to promote and assist small businesses in their efforts to manage...more

FTC Publishes Data Breach Response Guidelines

Whether resulting from a planned cyberattack or mere carelessness, data breaches are on the rise. In 2015, 781 data breaches were reported across the United States, with the average breach costing $3.8 million. In 2016, the...more

DFARS and DIB: Compliance Steps for DoD’s Newly Finalized Cybersecurity Rules for Contractors

For businesses that work with the U.S. Department of Defense (“DoD”), two important rules for safeguarding certain categories of sensitive information and reporting cyber incidents were recently finalized, updating the...more

OCR Issues Alert Regarding Phishing Email Disguised as Official OCR Audit Communication

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published an alert on Nov. 28 describing a phishing email being circulated on mock HHS departmental letterhead under the signature of OCR...more

Center for Cyber & Homeland Security Issues Report on How the Private Sector Can Actively Defend Against Cyber Threats

Earlier this year, the Center for Cyber & Homeland Security at the George Washington University (“Center”) announced a new project on active defense against cyber threats. The Center established a high-level task force to...more

HHS OCR Alert: Phishing Email Disguised as Official OCR Audit Communication

This alert just in from HHS OCR: “It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels. This email appears to...more

OCR Warns of Phishing Campaign Disguised as Official OCR Communication

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published an alert on Monday describing a phishing campaign disguised as an email from OCR. The email is being circulated on mock HHS...more

NIST Issues Internet of Things (IoT) Guidance

Smart machines connected to the internet have become ubiquitous in our daily lives. They make up the Internet of Things (“IoT”), a vast web of interconnected iPhones and Fitbits, tablets and cameras, even baby monitors and...more

Alert: Congressional Hearings and NIST Publication Continue Focus on IoT Security

Two actions in the past few weeks reflect the continuing government involvement in and concern over the security of Internet of Things (IoT) devices. Attacks using connected devices have highlighted security vulnerabilities...more

Privacy Tip #62 – PoisonTap Can Compromise Computer with USB Stick

Security researcher Samy Kamkar has announced that a new hacking tool—PoisonTap—can be loaded onto a USB stick and used to hijack the Internet connection of one’s computer....more

New IBM/Ponemon Study Shows Low Organizational Cyber Resilience

A new IBM/Ponemon Study released late last week, 2016 Cyber Resilient Organization, reveals that only 32 percent of IT and security professionals believe that their organization has a “high” level of cyber resilience....more

NIST Releases Guidance on Internet of Things

The National Institute of Standards and Technology (NIST) recently released guidance for the makers of devices that use or are connected to the Internet to build robust security measures into the design of products from the...more

Data Breach Decision Points: Part 8

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

DFS Cyber Regulation: Part II – An Interview with Bay Dynamics’ Steven Grossman

This is the second installment in our interview with Steven Grossman, VP Strategy & Enablement at Bay Dynamics, the cyber risk analytics company. Here, Steven discusses the importance of aligning an institution’s risk...more

Banks to Broaden Reporting of Suspicious Cyber Activity; Regulators Propose “Enhanced” Cybersecurity Standards

The fourth quarter of 2016 has seen an uptick in regulatory activity respecting the financial services sector in the cybersecurity space, both at the state level as previously discussed (here) and on the federal level....more

Prevent and Prepare for a Cybersecurity Breach

Hacking of organizations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...more

Bryan Cave Data Security Breach Handbook - 2016

Since the first publication of this handbook in 2014, the legal ramifications for mishandling a data security incident have become more severe. In the United States, the number of federal and state laws that claim to...more

DFS Cyber Regulation: Changing the Rules – An Interview with Bay Dynamics’ Steven Grossman

As part of Patterson Belknap’s continuing focus on the New York Department of Financial Services (DFS) proposed cybersecurity regulation, we sat down with Steven Grossman, VP Strategy & Enablement at Bay Dynamics, a cyber...more

UK ICO Issues New Guidance on Privacy Notices

The UK’s Information Commissioner’s Office (ICO), the independent authority responsible for the enforcement of the Data Protection Act 1998 (DPA), has issued a revised code of practice (the Code) on communicating privacy...more

NIST Releases Cybersecurity Guide for Small Businesses

We often hear from small businesses that they do not believe they can be a “target” of hackers, or that they are at risk of a cyber intrusion. This thought is naïve as small businesses are at risk of cyber intrusions, and due...more

China Promulgates New Cybersecurity Law

On Monday, November 7, 2016, the Standing Committee of the National People’s Congress of China promulgated a new cybersecurity law, providing the Chinese government with sweeping authority to regulate and monitor internet...more

Attacking Cybersecurity from the Inside Out: Part II

Last week in the first installment of our Attacking Cybersecurity from the Inside Out series, we outlined the steps a company’s board and executive leadership should take to prioritize cybersecurity. In this second...more

Preparing for a Data Security Breach: Ten Important Steps to Take

Is your company prepared to respond to a data security breach? For many companies, even reading this question causes some anxiety. However, being prepared for what seems like the inevitable—a security breach—can be the...more

1,242 Results
|
View per page
Page: of 50
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×