Risk Mitigation Cybersecurity

News & Analysis as of

Advanced Cyber Security Center Panel Explores Reasonableness in Cybersecurity

I had the pleasure of moderating an excellent panel at the Advanced Cyber Security Center’s annual conference on November 4. The panel’s topic for discussion was “What is Reasonable in Cybersecurity: Responsibility and...more

A Compilation of Enforcement and Non-Enforcement Actions

Non-Enforcement - SEC Decides Against Mounting an Appeal in Koch Ruling - The July 2015 ruling by the D.C. Circuit Court in Koch v. SEC will apparently not be challenged by the SEC. The Court ruled in that...more

What the Recent NAIC Financial Condition Examiners Handbook Changes Mean for Insurers

On September 21, 2015, the National Association of Insurance Commissioners (NAIC) IT Examination Working Group adopted amendments to the IT section of the Financial Condition Examiners Handbook (“the Handbook”). The changes...more

Cybersecurity and Risk Management: “Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers”

A timely new resource for business executives, technology professionals, and lawyers alike is the newly-published Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers from the New York...more

School Districts to Undergo Cybersecurity Audit

Missouri Auditor Nicole Galloway recently announced plans to conduct cybersecurity audits of five school districts. Coinciding with National Cybersecurity Awareness Month, the audits are intended to reveal how school...more

Data Breaches Are Not Academic: Colleges and Universities Should Take Appropriate Steps To Avoid or at Least Minimize Their...

Data breaches at colleges and universities are on the rise. These institutions are targets because their networks have access to a large amount of private information, including educational and medical records, as well as...more

Who is Stealing Your Trade Secrets? An Overview of Key Threats

Every company has trade secrets – for some, they may be special manufacturing processes, for other organizations, trade secrets could include product formulae, customer lists, software code or marketing strategies. The more...more

Media Query Call on Line 1: Do’s and Don’ts from an Information Security Officer

Putting your organization’s name in the paper can be a boon to both your business and your career. The ego stroke isn’t bad either; it can be quite a jolt to see your name in a trade or general news publication for the first...more

SEC Issues Cybersecurity Examination Risk Alert

On September 15, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert re-emphasizing the careful scrutiny it will give to the data security practices of...more

SEC’s OCIE Risk Alert Announces New Cybersecurity Exam Initiative – Focus Includes Conducting Tests of Efficacy of Firm’s...

Following up on last year’s cybersecurity sweep exam, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a new Risk Alert on September 15, 2015, announcing a second round of cybersecurity exams. In...more

Treasury Deputy Secretary Raskin Delivers Remarks On Cybersecurity and Insurance

On September 10, Deputy Secretary of the Treasury Sarah Bloom Raskin delivered remarks at the Center for Strategic and International Studies Strategic Technologies Program in Washington, D.C. After summarizing threats posed...more

Legal Considerations in Businesses’ Disaster Planning

In the last decade, Disaster Recovery (“DR”) and Business Continuity Planning (“BCP”) have become “hot” topics, as companies attempt to deal with disasters and the associated business risks. “Force majeure” is a legal concept...more

SEC and DOJ Hacking Prosecutions Highlight SEC’s Increased Interest in Cybersecurity Risks

Companies are reminded of the need for strong internal controls. The US Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) recently filed civil and criminal actions in the largest hacking and...more

NAIC Cybersecurity Forum Focuses on Escalating Threats and Best Remediation Practices

On September 10, the National Association of Insurance Commissioners (NAIC) co-sponsored a cybersecurity forum at the Center for Strategic and International Studies in Washington, DC. Featuring an impressive line-up of senior...more

Medical Device Cybersecurity: Maybe Dick Cheney Was Not So Paranoid After All

Dick Cheney famously disclosed a few years ago that he had the wireless function of his pacemaker disconnected while he was Vice President because he was concerned that hackers might fiddle with the device remotely and do him...more

Cybersecurity for Medical Devices: A Risk Mitigation Checklist for In-House Counsel

Just this summer, a cybersecurity firm issued a report widely cited in the media detailing cases where unnamed hospitals were allegedly hit by data breaches after medical devices (identified only generically as a blood gas...more

Hacking Your Health: For Healthcare Providers, Risk Analysis Must Be Ongoing

Healthcare providers would be wise to keep in mind that if a patient is harmed by a hacked medical device, Exhibit A in the negligence suit against them may be that provider’s risk analysis, or lack thereof....more

Be Alert Asia Pacific: Employment Law Newsletter: Top Tips for Employers: Cyber Risks and Fraud

Cyber risk is becoming a growing concern amongst businesses and institutions. Data breaches and hacking have been problematic among some sectors, predominantly financial services, for some time. These risks are now often...more

Cybersecurity Update - July 2015

Employees are the front line of your information security defense. While technological protections are essential (for example, anti- virus software, firewalls, spam filters, etc.), none are as effective as a vigilant end...more

Twitter Terrorism: Criminals Choose the Hack Attack

In what appears to be yet another brazen demonstration of capability following an earlier hijack of government social media sites, a group calling itself the Syrian Electronic Army (SEA) recently hacked into the U.S. Army’s...more

ALERT: NIST Issues Final Guidance on Federal Contractor Cybersecurity Standards for Controlled Unclassified Information

On June 19, 2015, the National Institute of Standards and Technology (NIST) published the final version of guidance for federal agencies to ensure sensitive information remains confidential when stored outside of federal...more

How Businesses Can Reduce Cyber Risk: Pre and Post Incident: Businesses Need to Take a More Proactive Approach to Reducing What Is...

As the volume of sensitive data that businesses store ever increases, the use of mobile devices continues to grow and cyber villains become ever more sophisticated, it is perhaps of no surprise that we hear about new...more

Cyber-Attacks: Threats, Regulatory Reaction and Practical Proactive Measures to Help Avoid Risks

I. Cybersecurity; Its Importance and Relevance – How We Got to Where We Are Today - In the past few months, the White House, Home Depot, JP Morgan, Hard Rock Hotels, Tesla, the St. Louis Federal Reserve, the Internal...more

Cyber Security - Risk Management and Mitigation

In This Issue: - Agenda - Current Threat Environment - Current Threat Environment - Strategic Importance - Asian Data Privacy Regimes At-A-Glance - Data Protection: Regional temp - Asia-Pacific...more

Top Three Cybersecurity Misconceptions [Video]

Cybersecurity is an issue that should be top-of-mind for all companies. But there are three misconceptions about cybersecurity that can put companies at significant risk. In this video, Foley Partner Michael Overly discusses...more

66 Results
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.