Information Security

News & Analysis as of

A Checklist for Protecting Personal Information

Customers care a great deal about how companies handle their personal and financial information as do government regulators in the United States and abroad. Build a strong data security program and establish a track record...more

Swarming Regulation of Personal Data in the US Tech Sector

Sectoral regulation of privacy and information security in the United States has created a complex system for tech innovation, because new products and services transcend the traditional sectoral boundaries and because...more

[Event] Privacy & Security in the Internet of Things - Jan. 27th, 9:00-10:30am

The IoT era is here. With expectations of tens of billions of IoT devices coming online in the next few years, the data privacy and security concerns are growing almost as quickly. IoT devices are expected to be involved in...more

FTC Reveals Agenda for PrivacyCon

On December 29, the FTC revealed the full agenda for PrivacyCon, a Washington, D.C. conference scheduled to take place on January 14, 2016. Participants will examine current research and trends related to consumer privacy and...more

Extension given to DOD contractors to comply with cybersecurity requirements

The U.S. Department of Defense (DOD) issued an interim rule on December 30, 2015 that extended the deadline for DOD contractors to comply with security requirements for protecting non-classified, but sensitive government...more

Congress Acts to Protect Critical Electric Infrastructure Information

On December 4, 2015, President Obama signed into law the “FAST Act”—short for Fixing America’s Surface Transportation Act. Though primarily a highway bill, the FAST Act also includes energy security amendments to the Federal...more

Information Security and Privacy News: Critical Cybersecurity Policies and Practices After the Settlement Order in FTC v. Wyndham...

Companies are threatened daily by attacks that expose customer credit card and other information stored on company servers, personal computers and other devices. It is, therefore, critical that companies do these three...more

A Great Leap Forward: EU Soon to Have Broad Rules on Cybersecurity and Incident Reporting

On December 7, 2015, more than two and a half years after the first draft, the European Union Council finally reached an important, informal agreement with the Parliament on important network and information security rules...more

Long and Wyndham Road: The Federal Trade Commission Extends Section 5 Unfairness to Regulate Data Security

In a surprising development, Wyndham Worldwide Corporation settled a long running dispute last week with the Federal Trade Commission that arose from three data breaches Wyndham suffered between 2008-2010. After an...more

EU Institutions Adopt First Pan-European Legislation on Cybersecurity

On December 7, 2015, after more than two years of legislative consideration, the European Union adopted the Directive on Network and Information Security (“NIS Directive”). Under the NIS Directive, operators of essential...more

EU-wide cybersecurity rules nearing final agreement

The EU is close to finalising the Cybersecurity Directive, which will place significant security and incident reporting obligations on operators of essential services and digital service providers. On 7 December 2015,...more

One Step Closer to the Network and Information Security Directive

On Monday, the European Parliament, Council and Commission came to an agreement on the Network and Information Security (NIS) Directive. The NIS Directive is the first pan-European set of cyber security rules and aims...more

HIPAA and Text Messaging

Text messaging is pervasive. Doctors and other health care providers, covered entities, and business associates currently use (and embrace) the technology. Texting is easy, fast and efficient. It doesn’t require a laptop...more

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

FTC Releases Agenda for Start with Security Conference

On October 14, the FTC announced the agenda for its Start with Security conference, scheduled to take place on November 5 in Austin, TX. The conference is intended to provide companies, particularly start-ups and developers,...more

California Beefs Up Encryption & Notice in Data Breach Law

On October 8, 2015, California Governor Jerry Brown signed A.B. 964 and S.B. 570 into law, a pair of bills that amended the Golden State’s data breach notification statute (Ca. Civ. Code § 1798.82). The amendments...more

California Enacts Three Bills Amending Breach Notification Statute

Last week, California Governor Jerry Brown signed into law three bills that revise California’s data breach notification statute. The bills, which take effect January 1, 2016, establish specific formatting requirements for...more

Unmasking Information Governance: What is it and how do I move it forward in my organization?

The heightened state of information security in recent years has instigated genuine collaboration, in many organizations, amongst its professionals in IT, records, security, risk, compliance, and other stakeholders in...more

Global Private Equity Newsletter - Fall 2015 Edition: Evaluating Cybersecurity Risks and Preparedness in Target Companies

Before committing resources to a potential investment, private equity firms should aggressively evaluate a target company’s cyber risks and cyber preparedness. Some target companies are naturally more exposed to cyber risk...more

CFPB Information Security Remains a Challenge

The Office of the Inspector General (OIG) has released the “2015 list of major management challenges” faced by the CFPB that the OIG believes will hamper the CFPB’s ability to accomplish the CFPB’s strategic objectives. Like...more

Information Security: MBA Whitepaper

Recently, the Mortgage Bankers Association released “The Basic Components of an Information Security Program,” for small and medium size companies in the mortgage industry that may not have the resources to stay well-informed...more

Media Query Call on Line 1: Do’s and Don’ts from an Information Security Officer

Putting your organization’s name in the paper can be a boon to both your business and your career. The ego stroke isn’t bad either; it can be quite a jolt to see your name in a trade or general news publication for the first...more

What's So Great About an Information Security Policy?

Lawyers and compliance professionals constantly tout the importance of internal information security policies, particularly in light of data privacy problems that are reported almost daily in the media. Admittedly, drafting...more

National Futures Association Proposes Cybersecurity Guidance for NFA Member Firms

NFA links NFA’s supervisory requirements with its proposed requirements mandating that NFA Members have information systems security programs. The National Futures Association (NFA) has proposed cybersecurity...more

Security Frameworks 101: Which is Right for my Organization?

These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that their security profile is adequate. It can certainly help to...more

61 Results
|
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×