Amy Mushahwar on Data Security

FTC Approves New Data Breach Notification Requirement for Non-Banking Financial Institutions

On October 27, 2023, the FTC approved an amendment to the Safeguards Rule (the “Amendment”) requiring that non-banking financial institutions notify the FTC in the event of a defined “Notification Event” where customer...more

11/1/2023 / Cybersecurity , Data Breach , Data Security , Federal Trade Commission (FTC) , Financial Institutions , Gramm-Leach-Blilely Act , Personally Identifiable Information , Popular , Safeguards Rule

NIST Cybersecurity Framework 2.0 Released for Public Comment

On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This marks the first significant...more

8/30/2023 / Cybersecurity , Cybersecurity Framework , Data Protection , Data Security , Federal Trade Commission (FTC) , NIST , Popular , Risk Management

White House Releases National Cybersecurity Strategy

Our Privacy, Cyber & Data Strategy Team breaks down how the two dozen strategic objectives in Biden’s National Cybersecurity Strategy will fundamentally shift how the United States allocates roles, responsibilities, and...more

3/15/2023 / Biden Administration , Critical Infrastructure Sectors , Cybersecurity , Data Protection , Data Security , Popular

State Financial Regulators Issue Ransomware Mitigation Tool

On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions...more

10/20/2020 / Cyber Threats , Cybersecurity , Data Privacy , Data Protection , Data Security , Ransomware , Risk Mitigation

The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation

On Tuesday, July 21, 2020, the New York Department of Financial Services (the “NYDFS”) brought its first enforcement action under its Cybersecurity Regulation (the “Regulation”) against a large title insurer (the “Company”)...more

7/28/2020 / Cybersecurity , Data Protection , Data Security , NYDFS , Personal Information

UK National Cyber Security Centre Advisory: Russian Attackers, APT29, Targets Companies Involved in COVID-19 Vaccine Development

The UK National Cyber Security Centre and Canada’s Communications Security Establishment released an advisory linking APT29 (also known as, ‘the Dukes’ or ‘Cozy Bear’) to attacks against COVID-19 vaccine development in...more

7/20/2020 / Canada , Coronavirus/COVID-19 , Cyber Attacks , Cyber Threats , Cybersecurity , Data Protection , Data Security , Malware , Risk Management , UK

The Updated CCPA Regulations: 30 Potentially Material Business Impacts

California Attorney General Xavier Becerra has released updated regulations to the California Consumer Privacy Act (CCPA) that contain a number of material modifications to the initial CCPA regulations released in October...more

2/14/2020 / Attorney General , California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Corporate Counsel , Cybersecurity , Data Collection , Data Privacy , Data Protection , Data Security , Opt-Outs , Personal Information , Privacy Laws , Right to Delete

Preparing for the CCPA Reasonable Security

Our Cybersecurity Preparedness & Response Team breaks down the ways in-house counsel can demonstrate compliance with the California Consumer Privacy Act to regulators and business partners....more

12/23/2019 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Data Privacy , Data Protection , Data Security , Personal Information , Privacy Laws

Amy Mushahwar

Alston & Bird

Popular Topics by This Author

Latest Posts › Data Security