Security and Privacy Controls

News & Analysis as of

China moves to implement security review of network products and services: but leaves foreign investor and manufacturer concerns...

On 4 February 2017, the Cyberspace Administration of China issued a draft of the Network Products and Services Security Review Measures (“Draft Measures”) for public comment: the Draft Measures remain open for comments until...more

Data Privacy and Security: A Practical Guide for In-House Counsel, 2017 Edition

Boulder Partner David Zetoony published the 2017 edition of his handbook, Data Privacy and Security: A Practical Guide for In-House Counsel, on Jan. 28 – Data Privacy Day. The guide provides an overview of laws relevant to a...more

Top 10 for 2017 – Happy Data Privacy Day

In honor of Data Privacy Day, we provide the following “Top 10 for 2017.”  While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2017. ...more

What Do You Need To Know About New York And Cybersecurity

On March 1, New York will go live with cybersecurity rules for financial service providers such as banks, insurance companies and others subject to the Department of Financial Services’ jurisdiction. At its core, the rules...more

Advertising Law - January 2017

SPECIAL FOCUS: Memories Light the Corners of Regulators' Minds - The Federal Trade Commission and the Attorney General for the State of New York (NY AG) recently filed a joint lawsuit against Wisconsin based Quincy...more

A Case Study on How Regional Manufacturing Firms Are Increasingly the Targets of Cybercrime

As their methods evolve, cybercriminals are increasingly targeting regional manufacturing businesses with sophisticated and potentially costly attacks. A recent ransomware attack on a mid-sized manufacturer in the Southeast...more

Increasing Ransomware Attacks in Higher Education

Malicious “ransomware” attacks — where a hacker takes control of the victim’s information systems and encrypts data, preventing the owner from accessing it until the victim pays a sum of money — are on the rise against...more

Central Bank of UAE issues new security requirements for digital payments and prohibits virtual currencies

The Regulatory Framework for Stored Values and Electronic Payment Systems (Regulation) issued by the UAE's Central Bank came into effect on 1 January 2017. Digital payment service providers in the UAE must now comply with a...more

Protecting Confidential Information from Untrustworthy Employees

Employers that maintain records of their employees and customers and allow employees have access to confidential information have long needed policies that not only secure the information, but ensure that employees who have...more

Cybersecurity Threats Everywhere–Beware of USB Keys

In as little as 13 seconds, all of a company's data can be stolen by simply plugging in a USB drive. Intelligence agencies famously used this approach when uploading the Stuxnet worm at an Iranian nuclear facility, but...more

Top 10 Issues for Employers, Issue #6: Balancing BYOD Programs with Expectations of Privacy at Work

This is the sixth instalment in our Top 10 Issues for Employers series. OVERVIEW - The workplace practice of bring your own device (BYOD) has hit the mainstream as more and more employees use their own mobile...more

Data Breach Handbook for the Restaurant Industry

Although statistics vary, in 2015 there were approximately 3930 incidents involving data loss and, according to one watchdog group, those incidents impacted over 736 million consumer records. Many of those data security...more

Pension Plan Suffers Cybersecurity Attack, ERISA Advisory Council Offers Cybersecurity Recommendations to DOL

It has been reported that infamous bank robber, Slick Willie Sutton, once said, “I rob banks because that’s where the money is.” Data thieves, understandably, have a similar strategy – go where the data is. The retail...more

CFTC Approves Supplemental Proposal to Regulation AT

On November 4, the Commodity Futures Trading Commission (CFTC) approved for publication in the Federal Register a supplemental proposal (the "Supplemental Proposal") to Regulation Automated Trading ("Regulation AT"). The...more

Mitigating Cybersecurity Risks

Hacking of organisations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...more

CFTC Revises Proposed Reg AT

The Commodity Futures Trading Commission (CFTC or Commission) on November 3, 2016, proposed revisions (the Supplemental Proposal) to proposed Regulation Automated Trading (Reg AT). Reg AT, if adopted, will broadly affect...more

Personal Data Protection Act - Obligations to protect and secure data, and what to do in case of breach

Since the coming into force of the Personal Data Protection Act (Cap 26 of 2012) (PDPA) in 2012, many organisations had focused only on part of their obligations under the PDPA, i.e. that of ensuring that their policies and...more

Guidelines for Third-Party Vendor Management Programs

Third-party service providers present difficult and unique privacy and cybersecurity challenges. Vendor management is important throughout the life of your relationship with your vendors. Vendor diligence starts during the...more

Guidelines for Cloud Computing

Most companies now use some form of cloud computing whether through software as a service, platform as a service, or infrastructure as a service. Cloud computing’s cost-effective scalability can offer significant advantages...more

Cyber Security Awareness Needs To Last Beyond October

The U.S. Department of Homeland Security (DHS) has designed October as National Cyber Security Awareness Month. But as we leave October, remember that data security is an ongoing challenge that requires continued vigilance...more

Guidelines for Privacy Certifications and Trustbrands

Privacy certifications, or “trustbrands,” are seals licensed by third parties for organizations to place on their homepage or within their privacy policy. The seals typically state, or imply, that the organization which has...more

New Use for Drones on Australian Beaches

In Western Australia’s South West beaches surveillance drones will hit the skies to increase swimmer safety by spotting sharks in the water. This project will take place over a three-month period (from November to January)...more

How Much Do You Spend on Cybersecurity…and on What?

Fortune.com reported that according to an International Data Corporation (IDC) forecast, by 2020, spending on security-related hardware, software, and services will eclipse $100 billion. However, consulting company NTT Com...more

Guidelines for Data Maps and Data Inventories

Knowing the type of data that you collect, where it is being held, with whom it is being shared, and how it is being transferred is a central component of most data privacy and data security programs. The process of answering...more

HHS Issues Cloud Computing Guidance Which Is Helpful To All Users of Cloud Services

Last week, the Department of Health and Human Services’ Office for Civil Rights (OCR) provided guidance for HIPAA covered entities and business associates that use or want to use cloud computing services involving protected...more

169 Results
|
View per page
Page: of 7
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×