Information Security

News & Analysis as of

Online Contacts and Eyewear Retailer Pays $100,000 Penalty to New York AG for Security Failures

Online retailer Provision Supply LLC (Provision Supply) (operator of EZContactsUSA.com which sells contacts and eye glasses) settled with the New York attorney general last week for its failure to notify its web customers of...more

Orrick's Financial Industry Week in Review

Federal Reserve Announces Extension of Conformance Period under Section 13 of the Bank Holding Company Act - On July 7, 2016, the Federal Reserve announced that it will extend until July 21, 2017 the conformance period...more

FFIEC Warns of Cyber Attacks

The Federal Financial Institutions Examination Council (FFIEC) reiterated the importance of banks protecting themselves from cyber attacks in a newly issued statement, urging financial institutions to "actively manage the...more

Are You Covered? Fourth Circuit Finds CGL Insurance Coverage for Data Breach

As data breaches have continued to grow over the past few years, interest in cyber insurance coverage has grown along with it. This week, the Fourth Circuit upheld a lower court’s ruling in Travelers Indemnity Co. of America...more

FTC Settles with Router Manufacturer for Security Failure

As the number of smart devices in homes connected to the Internet continues to grow, the need to keep home networks secure becomes increasingly important. Device manufacturers that promise to secure these home networks,...more

California Attorney General Defines Minimum Requirements for 'Reasonable Cybersecurity'

California has now weighed in on the definition of “reasonable” security and minimum security requirements for all businesses through the California Attorney General’s 2016 Data Breach Report. The Report references the...more

Backdooring Investment Security (On the Apple Case)

There's lots of talk about information security with the Apple case. But, perhaps just as important, the case also raises important concerns relating to investment security and to the predictability of our markets and laws. ...more

A Checklist for Protecting Personal Information

Customers care a great deal about how companies handle their personal and financial information as do government regulators in the United States and abroad. Build a strong data security program and establish a track record...more

Swarming Regulation of Personal Data in the US Tech Sector

Sectoral regulation of privacy and information security in the United States has created a complex system for tech innovation, because new products and services transcend the traditional sectoral boundaries and because...more

[Event] Privacy & Security in the Internet of Things - Jan. 27th, 9:00-10:30am

The IoT era is here. With expectations of tens of billions of IoT devices coming online in the next few years, the data privacy and security concerns are growing almost as quickly. IoT devices are expected to be involved in...more

Extension given to DOD contractors to comply with cybersecurity requirements

The U.S. Department of Defense (DOD) issued an interim rule on December 30, 2015 that extended the deadline for DOD contractors to comply with security requirements for protecting non-classified, but sensitive government...more

Congress Acts to Protect Critical Electric Infrastructure Information

On December 4, 2015, President Obama signed into law the “FAST Act”—short for Fixing America’s Surface Transportation Act. Though primarily a highway bill, the FAST Act also includes energy security amendments to the Federal...more

Information Security and Privacy News: Critical Cybersecurity Policies and Practices After the Settlement Order in FTC v. Wyndham...

Companies are threatened daily by attacks that expose customer credit card and other information stored on company servers, personal computers and other devices. It is, therefore, critical that companies do these three...more

A Great Leap Forward: EU Soon to Have Broad Rules on Cybersecurity and Incident Reporting

On December 7, 2015, more than two and a half years after the first draft, the European Union Council finally reached an important, informal agreement with the Parliament on important network and information security rules...more

Long and Wyndham Road: The Federal Trade Commission Extends Section 5 Unfairness to Regulate Data Security

In a surprising development, Wyndham Worldwide Corporation settled a long running dispute last week with the Federal Trade Commission that arose from three data breaches Wyndham suffered between 2008-2010. After an...more

EU Institutions Adopt First Pan-European Legislation on Cybersecurity

On December 7, 2015, after more than two years of legislative consideration, the European Union adopted the Directive on Network and Information Security (“NIS Directive”). Under the NIS Directive, operators of essential...more

EU-wide cybersecurity rules nearing final agreement

The EU is close to finalising the Cybersecurity Directive, which will place significant security and incident reporting obligations on operators of essential services and digital service providers. On 7 December 2015,...more

One Step Closer to the Network and Information Security Directive

On Monday, the European Parliament, Council and Commission came to an agreement on the Network and Information Security (NIS) Directive. The NIS Directive is the first pan-European set of cyber security rules and aims...more

HIPAA and Text Messaging

Text messaging is pervasive. Doctors and other health care providers, covered entities, and business associates currently use (and embrace) the technology. Texting is easy, fast and efficient. It doesn’t require a laptop...more

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

California Beefs Up Encryption & Notice in Data Breach Law

On October 8, 2015, California Governor Jerry Brown signed A.B. 964 and S.B. 570 into law, a pair of bills that amended the Golden State’s data breach notification statute (Ca. Civ. Code § 1798.82). The amendments...more

California Enacts Three Bills Amending Breach Notification Statute

Last week, California Governor Jerry Brown signed into law three bills that revise California’s data breach notification statute. The bills, which take effect January 1, 2016, establish specific formatting requirements for...more

Unmasking Information Governance: What is it and how do I move it forward in my organization?

The heightened state of information security in recent years has instigated genuine collaboration, in many organizations, amongst its professionals in IT, records, security, risk, compliance, and other stakeholders in...more

Global Private Equity Newsletter - Fall 2015 Edition: Evaluating Cybersecurity Risks and Preparedness in Target Companies

Before committing resources to a potential investment, private equity firms should aggressively evaluate a target company’s cyber risks and cyber preparedness. Some target companies are naturally more exposed to cyber risk...more

CFPB Information Security Remains a Challenge

The Office of the Inspector General (OIG) has released the “2015 list of major management challenges” faced by the CFPB that the OIG believes will hamper the CFPB’s ability to accomplish the CFPB’s strategic objectives. Like...more

61 Results
|
View per page
Page: of 3
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×