Gramm-Leach-Blilely Act Cybersecurity

News & Analysis as of

2016 Breach Roundup, Part I: U.S. State Data Breach Notification Laws Highlights and Trends

In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more

FTC Publishes Data Breach Response Guidelines

Whether resulting from a planned cyberattack or mere carelessness, data breaches are on the rise. In 2015, 781 data breaches were reported across the United States, with the average breach costing $3.8 million. In 2016, the...more

Federal Banking Agencies Propose “Enhanced Cyber Risk Management Standards” For the Largest Banks

In a major new cybersecurity initiative the federal banking agencies have issued an advanced notice of proposed rulemaking (“APNR”) seeking comment on enhanced cybersecurity standards for banking entities with $50 billion or...more

Fenwick Privacy Bulletin - Fall 2016

Privacy Shield – An Early Reflection - EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more

Privacy & Cybersecurity Update: New York State Proposes Cybersecurity Regulation for Financial Institutions

New York state has proposed a new regulation — to go into effect January 1, 2017 — that would require banks, insurance companies and other financial services institutions regulated by the New York State Department of...more

Cybersecurity News and Notes - September 2016

In Case You Missed It: The Federal Trade Commission has opened a public comment period to evaluate its Safeguards Rule (16. C.F.R. § 314.3). Under the Gramm-Leach-Bililey Act (GLBA), which regulates financial institutions,...more

Heal Thyself: Insider Threats to Heed, Especially for Industries with Large Amounts of Personal Information

A recent study by the Ponemon Institute found that insider threats due to malicious or negligent employees are the leading cause of private-sector cybersecurity incidents. Of the over 600 information security professionals...more

International Regulators Issue Cybersecurity Guidance to the Financial Industry

The Bank for International Settlement (BIS) Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) last week issued the first internationally agreed-upon...more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

Tennessee Legislature Amends Data Breach Notification Statute - Encryption is No Longer an Automatic Safe Harbor

On March 24, 2016, Governor Haslam signed S.B. 2005 which amends Tennessee's data breach notice statute. The amended statute will go into effect on July 1, 2016. The new Tennessee breach notice requirements are triggered by...more

NAIC Task Force Continues Work on Insurance Data Security Model Law

On May 24 and 25, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) hosted a meeting in which state insurance commissioners and interested parties were invited to...more

Ransomware: Electronic Extortion for a Digital Era

Last month, the FBI asked the American Bar Association to share a cyberalert with its members warning of an increased risk of ransomware. Ransomware poses significant legal and operational risks to businesses. Personnel at...more

NAIC Report: 2016 Spring National Meeting

The National Association of Insurance Commissioners (NAIC) held its 2016 Spring National Meeting from April 1 through April 6 in New Orleans, Louisiana. As host, Louisiana provided beautiful weather and bountiful great food....more

Cyber Security

Roughly one million pieces of malware—computer viruses or malicious software—are released every day. In recent years, we’ve witnessed an unprecedented level of activity in the cyber arena, both in the form of increased...more

Financial Institutions Spend More on Cybersecurity

Financial institutions have been at the forefront of protecting their customers’ personal information, including names, addresses, phone numbers, account numbers, Social Security numbers, income, and credit histories. The...more

Privacy & Cybersecurity Newsletter: April 2016

What seems like a long time ago now, in 2011 PricewaterhouseCoopers (PwC) warned that “there is no question that law firms are among the companies being targeted by cyber criminals.” Despite this, many law firms believed (or...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

Privacy Implications of CISA for Financial Institutions

Financial institutions are attractive targets for cyber attacks due to their collection of private customer and economic information. In order to help the private sector respond more effectively to cyber attacks, President...more

Developments in Cybersecurity: Privacy Laws, Hacking Beyond Customer Data, and Communicating with Corporate Boards

I. Legal Exposure to Federal and State Privacy Laws - A. Federal Statutes and Enforcement - 1. Federal Trade Commission Act, 15 U.S.C. §§ 41-58 - The Federal Trade Commission (FTC) has emerged as the leading...more

Cybersecurity Legislation Stalks Bank Directors

To avoid potential personal liability for cybersecurity breaches, bank directors should take proactive steps to make sure their institution complies with all applicable regulations. In the wake of recent well-publicized...more

Cybersecurity Preparedness & Response Alert: Effective Cybersecurity: The Evolving Regulatory Landscape for Investment Advisers,...

Cybersecurity has become a top concern for executives and boards across all sectors of commerce and critical infrastructure that rely on digital technologies—including financial services—and investment advisers, investment...more

GLBA Annual Privacy Notice Eliminated under Certain Circumstances: Buried in a Highway Bill!

On December 4, 2015, President Obama signed the Highway Bill, dubbed Fixing America’s Surface Transportation Act (“FAST Act”), into law. Buried in the 490 page transportation law is a significant amendment to the...more

Treasury Department Issues Cybersecurity Checklist for Financial Institutions: What Might Apply to Your Financial Services...

On November 17, 2015, Deputy Treasury Secretary Sarah Bloom Raskin devoted her remarks at the Clearing House Annual Conference to financial sector cybersecurity. She concluded with a list of recommendations for handling...more

Alert: New Department of Defense Regulations Mandate the Reporting of Cyber Incidents

The Department of Defense (DoD) has published regulations that require DoD contractors to report cyber incidents impacting unclassified DoD contractor systems. The new regulations mandate compliance with elements of the...more

SEC brings first cybersecurity-related enforcement action

The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more

45 Results
|
View per page
Page: of 2
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×