On January 8, 2019, the California Department of Justice hosted the first in a series of six public forums on the California Consumer Protection Act (CCPA). ...more
1/15/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Public Forum ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures....more
11/27/2018
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
Encryption ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Passwords ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
UK ,
UK ICO
Last month, the French data protection authority (the CNIL) issued initial guidance addressing issues that applications utilizing blockchain technology should consider in order to comply with the European General Data...more
11/15/2018
/ Blockchain ,
CNIL ,
Data Controller ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Distributed Ledger Technology (DLT) ,
EU ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Regulatory Standards ,
Right to Erasure
On October 1, 2018, the Food and Drug Administration (FDA) issued its “Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook” to address continued threats to medical devices that could affect...more
10/8/2018
/ Airspace ,
ATDS ,
Auto-Dialed Calls ,
Bitcoin ,
Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Digital Currency ,
Drones ,
Facebook ,
Food and Drug Administration (FDA) ,
Hackers ,
Investment Opportunities ,
Medical Devices ,
OMB ,
Online Platforms ,
Part 107 ,
Popular ,
Public Safety ,
Robocalling ,
Social Media ,
Social Networks ,
Toyota ,
Trading Platforms ,
Unmanned Aircraft Systems ,
Virtual Currency
On September 4, 2018, the third stage of compliance deadlines under the New York Department of Financial Services’ (DFS) expansive cybersecurity regulation went into effect....more
9/10/2018
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Confidential Information ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Personally Identifiable Information ,
Policies and Procedures ,
Risk Management ,
Third-Party Service Provider
The Federal Bureau of Investigation (FBI) released a Public Service Announcement on August 2, 2018, entitled “Cyber Actors Use Internet of Things Devices as Proxies for Anonymity and Pursuit of Malicious Cyber Activities,”...more
As previously detailed, the California Consumer Privacy Act of 2018 was hastily passed by the California legislature as a compromise designed to avoid a more far-reaching ballot initiative....more
On June 28, 2018, the California state legislature passed, and Governor Jerry Brown signed, the California Consumer Privacy Act of 2018, bringing to the United States many of the rights and compliance obligations currently...more
7/3/2018
/ Biometric Information ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
State and Local Government
CYBERSECURITY -
South Carolina Enacts Insurance Data Security Act -
South Carolina Governor Henry McMaster signed the South Carolina Insurance Data Security Act into law on May 3, 2018. The law, parts of which become...more
5/25/2018
/ Airspace ,
Ballot Measures ,
Cell Phones ,
Cybersecurity Framework ,
Data Protection ,
Data-Sharing ,
Drones ,
Information Technology ,
Location Data ,
Privacy Concerns ,
Public Safety ,
Regulatory Standards ,
Risk Management ,
State and Local Government
On March 1, 2018, the one year transition period within which banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (“Covered Entities”)...more
2/27/2018
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Corporate Counsel ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Personally Identifiable Information ,
Risk Management
As of February 15, 2018, banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (DFS) are required to file their first certification of...more
2/16/2018
/ Banking Sector ,
Bitcoin ,
Blockchain ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
Digital Currency ,
Distributed Ledger Technology (DLT) ,
Drones ,
Extortion ,
Financial Institutions ,
Financial Services Industry ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Information Technology ,
Insurance Industry ,
Medical Records ,
No-Fly Zones ,
NYDFS ,
Olympics ,
Popular ,
Risk Management ,
Virtual Currency
On February 15, 2018, banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (DFS) will be required to file their first certification of...more
2/15/2018
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Popular ,
Risk Management
FBI Issues Flash Alert on Apache Struts Vulnerability -
The Apache Struts vulnerability has been mentioned frequently in the media over the past month, as it is believed to have been involved in one of the largest and most...more
10/18/2017
/ Blockchain ,
Breach Notification Rule ,
Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Digital Currency ,
Distributed Ledger Technology (DLT) ,
Drones ,
Enforcement Actions ,
Faxes ,
Federal Aviation Administration (FAA) ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Initial Coin Offering (ICOs) ,
Office Equipment ,
PHI ,
Popular ,
Ransomware ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Unregistered Securities ,
Virtual Currency ,
Vulnerability Assessments
Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more
9/9/2015
/ Cloud Computing ,
Compliance ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Hackers ,
Interim Rule ,
NDAA ,
Reporting Requirements
On June 30th, the Federal Trade Commission (FTC) published a guide titled Start With Security: A Guide for Business, providing 10 lessons learned from the over 50 enforcement actions brought by the FTC against companies that...more