It is so hard to keep up with the latest ways the bad guys try to infiltrate company data. One new technique is called warshipping, and its implementation is pretty simple and a little old school.
...more
8/12/2019
/ Air Traffic Control Systems ,
Blockchain ,
Call Centers ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Mobile Apps ,
Personally Identifiable Information ,
Privacy Settings
Cybercriminals have launched a new campaign that not only requires the victim to pay a ransom to have their data decrypted, but when the victim is directed to a PayPal account to pay the ransom and get the decryption key to...more
1/21/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Cell Phones ,
Commercial General Liability Policies ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data-Sharing ,
Drones ,
Geological Data ,
Hackers ,
HIPAA Breach ,
Personally Identifiable Information ,
Ransomware ,
Right to Privacy ,
Risk Management ,
Rulemaking Process ,
WISP
On January 8, 2019, the California Department of Justice hosted the first in a series of six public forums on the California Consumer Protection Act (CCPA). ...more
1/15/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Public Forum ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
New Year’s is a time to look back on the happenings of the year and focus on the lessons and reminders those events have provided. For our final newsletter of the year, we’d like to share with you our top 10 most read posts...more
12/31/2018
/ Banking Sector ,
Blockchain ,
Connected Items ,
Cryptocurrency ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Distributed Ledger Technology (DLT) ,
Drones ,
Federal Aviation Administration (FAA) ,
Financial Conduct Authority (FCA) ,
Hackers ,
Initial Coin Offering (ICOs) ,
Investment Opportunities ,
Personally Identifiable Information ,
Popular ,
Wells Fargo
Some analysts have predicted that by 2020, there will be 20 billion Internet of Things (IoT) connected devices worldwide, which could grow to over 80 billion by 2025. Global sales of IoT devices were $80 billion in 2017, and...more
12/3/2018
/ Cybersecurity ,
Data Privacy ,
Drones ,
FSB ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Identity Theft ,
Internet of Things ,
IRS ,
OCR ,
Tax Scams ,
Unmanned Aircraft Systems ,
Vendors
The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures....more
11/27/2018
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
Encryption ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Passwords ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
UK ,
UK ICO
On October 1, 2018, the Food and Drug Administration (FDA) issued its “Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook” to address continued threats to medical devices that could affect...more
10/8/2018
/ Airspace ,
ATDS ,
Auto-Dialed Calls ,
Bitcoin ,
Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Digital Currency ,
Drones ,
Facebook ,
Food and Drug Administration (FDA) ,
Hackers ,
Investment Opportunities ,
Medical Devices ,
OMB ,
Online Platforms ,
Part 107 ,
Popular ,
Public Safety ,
Robocalling ,
Social Media ,
Social Networks ,
Toyota ,
Trading Platforms ,
Unmanned Aircraft Systems ,
Virtual Currency
We reported last week that a spyware maker recently compromised users’ and victims’ sensitive information. Since that time, another spyware maker, mSpy, which holds itself out as having over a million users employing its...more
9/11/2018
/ Banking Sector ,
Class Action ,
Class Certification ,
Consumer Privacy Rights ,
Criminal Convictions ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Financial Services Industry ,
Hackers ,
Insurance Industry ,
Legislative Agendas ,
NYDFS ,
Pending Legislation ,
Personally Identifiable Information ,
Popular ,
Spyware ,
State and Local Government ,
Vulnerability Assessments ,
Yahoo!
On September 4, 2018, the third stage of compliance deadlines under the New York Department of Financial Services’ (DFS) expansive cybersecurity regulation went into effect....more
9/10/2018
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Confidential Information ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Personally Identifiable Information ,
Policies and Procedures ,
Risk Management ,
Third-Party Service Provider
It has been reported that a hacker was able to break into the servers of TheTruthSpy, a company that is described as “one of the most notorious stalkerware companies out there” (Motherboard, August 2018) and was able to steal...more
9/4/2018
/ Airspace ,
Arbitration ,
Biometric Information ,
Biometric Information Privacy Act ,
Blockchain ,
Commercial Use ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Distributed Ledger Technology (DLT) ,
Do Not Call List ,
Drones ,
Emerging Technology Companies ,
Employee Privacy Rights ,
Employer Liability Issues ,
Employment Litigation ,
Federal Aviation Administration (FAA) ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Safety Standards ,
Southwest Airlines ,
Unmanned Aircraft Systems
As previously detailed, the California Consumer Privacy Act of 2018 was hastily passed by the California legislature as a compromise designed to avoid a more far-reaching ballot initiative....more
The Federal Energy Regulatory Commission (FERC) announced on July 19, 2018, that it is directing the North American Electric Reliability Corporation (NERC) “to develop and submit modifications to the NERC Reliability...more
7/30/2018
/ Banking Sector ,
Bitcoin ,
Blockchain ,
Bulk Electric System ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Dark Web ,
Digital Currency ,
Distributed Ledger Technology (DLT) ,
Drones ,
Electricity ,
Energy Sector ,
FERC ,
Final Rules ,
Financial Fraud ,
Financial Institutions ,
Financial Services Industry ,
Hackers ,
LifeLock ,
Malware ,
National Security ,
NERC ,
Phishing Scams ,
Popular ,
Reliability Standards ,
Reporting Requirements ,
Sensitive Business Information ,
US Air Force ,
Utilities Sector ,
Virtual Currency
On June 28, 2018, the California state legislature passed, and Governor Jerry Brown signed, the California Consumer Privacy Act of 2018, bringing to the United States many of the rights and compliance obligations currently...more
7/3/2018
/ Biometric Information ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
State and Local Government
On the heels of the ransomware that had the City of Atlanta scrambling last week, New York City Mayor Bill de Blasio announced the launch of “NYC Secure,” a free mobile app that will alert New York City residents of...more
4/10/2018
/ Blockchain ,
Cambridge Analytica ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Distributed Ledger Technology (DLT) ,
Drones ,
Electric Vehicles ,
Electronically Stored Information ,
Facebook ,
Legislative Agendas ,
New Legislation ,
Part 107 ,
Personal Data ,
Proposed Legislation ,
Ransomware ,
Social Media ,
State Data Breach Notification Statutes ,
Taxi Cabs ,
US v Microsoft
On March 1, 2018, the one year transition period within which banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (“Covered Entities”)...more
2/27/2018
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Corporate Counsel ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Personally Identifiable Information ,
Risk Management
As of February 15, 2018, banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (DFS) are required to file their first certification of...more
2/16/2018
/ Banking Sector ,
Bitcoin ,
Blockchain ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
Digital Currency ,
Distributed Ledger Technology (DLT) ,
Drones ,
Extortion ,
Financial Institutions ,
Financial Services Industry ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Information Technology ,
Insurance Industry ,
Medical Records ,
No-Fly Zones ,
NYDFS ,
Olympics ,
Popular ,
Risk Management ,
Virtual Currency
On February 15, 2018, banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (DFS) will be required to file their first certification of...more
2/15/2018
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Popular ,
Risk Management
FBI Issues Flash Alert on Apache Struts Vulnerability -
The Apache Struts vulnerability has been mentioned frequently in the media over the past month, as it is believed to have been involved in one of the largest and most...more
10/18/2017
/ Blockchain ,
Breach Notification Rule ,
Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Digital Currency ,
Distributed Ledger Technology (DLT) ,
Drones ,
Enforcement Actions ,
Faxes ,
Federal Aviation Administration (FAA) ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Initial Coin Offering (ICOs) ,
Office Equipment ,
PHI ,
Popular ,
Ransomware ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Unregistered Securities ,
Virtual Currency ,
Vulnerability Assessments
On October 14, the National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Task Force released an updated draft of its Cybersecurity Bill of Rights. The bill, which updates a prior draft published for...more
Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more
9/9/2015
/ Cloud Computing ,
Compliance ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Hackers ,
Interim Rule ,
NDAA ,
Reporting Requirements