National Institute of Standards and Technology

News & Analysis as of

What General Counsel Need To Know About The Latest Cybersecurity Developments

In the wake of reported security breaches at a number of significant financial institutions, cybersecurity is garnering more attention and concern than ever before — both within the financial services industry and among...more

NIST, White House Continue Efforts to Enhance Cybersecurity Awareness and Protections

The National Institute of Standards and Technology (NIST) and the White House continue efforts to improve private sector security and increase sharing of information about potential cybersecurity threats. ...more

Security Risks Posed by Mobile Apps: Do You Have a Vetting Process in Place?

As more organizations deploy mobile apps to facilitate their business processes, it is important that those organizations develop a specific app vetting process in order to mitigate the security risks that such apps can...more

White House Creates New Federal Agency To Combat Cyber-Threats

The White House, on February 10, 2015, announced the creation of a new federal agency, the Cyber Threat and Intelligence Integration Center (“CTIIC” or the “Center”), to combat cyber-threats by coordinating digital...more

President Obama Issues Executive Order Promoting Private Sector Cybersecurity Information Sharing

On Friday, February 13, 2015, President Obama signed an executive order, Promoting Private Sector Cybersecurity Information Sharing (the “EO”), designed to encourage private companies to share information regarding threats to...more

OCIE's Cybersecurity Risk Alert Provides Insight For Investment Advisers Into Peer Practices

On February 3, 2015, the SEC's Office of Compliance Inspection and Examinations ("OCIE") released a risk alert titled Cybersecurity Examination Sweep Summary providing an overview of how investment advisers and broker-dealers...more

Coming Soon to a FAR Near You: Cybersecurity Requirements

There are a growing number of cybersecurity requirements applicable to government contractors that work with the Department of Defense (DoD) and intelligence community. ...more

Going for Brokerage: SEC Report Highlights Best (and Worst) Practices in Cybersecurity Preparedness

On February 3, 2015, the U.S. Securities and Exchange Commission released a Risk Alert addressing cybersecurity issues at brokerage and advisory firms, along with suggestions to investors on ways they can protect themselves...more

PCI Council: SSL Will No Longer Be Sufficient for E-Commerce

In the latest edition of the PCI Council’s Assessor Newsletter, the Council previewed a proposed change related to the use of Secure Socket Layer (SSL) protocol for encrypting communications between your website’s e-commerce...more

How Does Your Firm Compare? Results from the SEC’s Cybersecurity Examinations

On Feb. 3, 2015, the Securities and Exchange Commission (SEC) published a Risk Alert summarizing observations gleaned from a cybersecurity examination sweep of 57 registered broker-dealers (BDs) and 49 registered investment...more

Bank Board Director Alert: Banking on Cybersecurity

Prudential bank regulators and other supervisory authorities have put cybersecurity front and center in 2015 by issuing guidance that sets forth their expectations of improved cybersecurity and that incorporates cybersecurity...more

NIST Releases Guidelines for Vetting the Security of Mobile Applications Used by Businesses and Their Employees

Companies and their employees are increasingly using mobile devices and mobile applications (apps) to improve connectivity, communication and productivity. Unfortunately, these same companies may be unintentionally exposing...more

Farewell, Federal Cybersecurity Incentives?

Administration Takes Private Sector Incentives Off the Table, While Obama Calls for $14 Billion in FY 2016 Budget to Strengthen Government’s Cybersecurity Efforts The White House’s Cybersecurity Coordinator Michael...more

Privacy Tuesday – February 2015

Three things you should know on this Privacy Tuesday: Over 110,000 Facebook Uses Hit With Malware - Cybercriminals are targeting Facebook users with malware embedded in videos that are pushed to their timeline...more

Treasury: Ten Questions for Bank Executives and Boards of Directors

On December 3, 2014, Sarah Raskin, Deputy Secretary of the U.S. Department of Treasury (Treasury), gave a speech before the Texas Banker’s Association Executive Leadership Cybersecurity Conference. Deputy Secretary Raskin’s...more

The Merchant Financial Cyber Partnership Issues Cybersecurity Recommendations

The Merchant Financial Cyber Partnership (“the Partnership”) recently released eight recommendations aimed at enhancing the data security of the payments system across the merchant and financial industries. The Partnership...more

Privacy & Cybersecurity Update - December 2014

In This Issue: - The Critical Takeaway for Every Company From the Sony Cyber Attack - Sony Data Breach Class Action Complaint Provides Insight Into Cybersecurity Issues - Reminder: New California Data...more

National Institute of Standards and Technology Publishes New Guidance on Privacy Controls

On December 16, the NIST announced the release of its new guidance on assessing the security and privacy safeguards for federal information systems and organizations. The updated guidance will be used by government IT...more

Congress Confirms NIST’s Role in Cybersecurity – and the Continuation of the Cybersecurity Framework

The Cybersecurity Enhancement Act of 2014 (CEA) was passed by the House and the Senate on December 11th, and signed by the President on the 18th. The bill formalizes the role of the National Institute for Standards and...more

Cybersecurity Legislation Focuses on Federal Government Initiatives – Leaves Private Sector Reforms for 2015

One of the few things the parties in Congress can agree upon these days is cybersecurity – at least when it comes to directing the federal government’s cyber activities. In its final days, the 113th Congress reached agreement...more

Congress Passes The Federal Information Security Modernization Act of 2014: Bringing Federal Agency Information Security into the...

The Federal Information Security Modernization Act of 2014 (FISMA) was passed by the Senate on December 8th, by the House on December 10th, and by the President on December 18th. It is a comprehensive bill intended to bring...more

An Update on the Cybersecurity Framework and Action Items for NIST

The National Institute of Standards and Technology (NIST) recently released an update on its Framework for Improving Critical Infrastructure Cybersecurity (The Framework). The Framework was first issued in February 2014 as a...more

Cyber-Breach & NISPOM Conforming Change 2 – It’s What’s on the Inside That Counts

Most companies are worried about external threats – things that are coming at their people, their group, their company, their government, all from an outside actor. Like government’s with an eye on counter-intelligence,...more

Interconnectivity And Information Sharing: Cause As Well As Cure for Cyber Attacks?

The modern day interconnected business creates a number of opportunities, but also brings with it massive issues relating to breach of privacy and data security in the form of cyber attacks, which cost companies and taxpayers...more

Privacy & Cybersecurity Update - November 2014

In This Issue: - EU Issues Guidelines on ‘Right to be Forgotten’ - FFIEC Observations on Bank Cybersecurity Provides Important Guidelines for Every Industry - Remarks by Comptroller Curry Highlight OCC...more

184 Results
|
View per page
Page: of 8