The Federal Trade Commission (FTC) recently adopted a final rule amending its Standards for Safeguarding Customer Information (commonly referred to as the “Safeguards Rule”) to require financial institutions to report certain...more
In October, California enacted its newest privacy legislation, commonly referred to as the “Delete Act” (California Senate Bill No. 362). The Delete Act will allow consumers to request that any data broker that maintains any...more
Although data security concerns may have held back early adoption, the COVID-19 pandemic accelerated cloud usage and digital transformation within public service organizations in many countries around the world. In a recent...more
Despite general awareness regarding phishing (we have written about phishing in a prior post), it still remains one of the most common ways to accomplish cyberattacks. It should be no surprise that cybercriminals are...more
The US Treasury Department has issued a request for public comment on a federal cyberinsurance program that would aim to cover the costs associated with severe cyberattacks. The Federal Insurance Office (FIO) and the US...more
The White House Office of Science and Technology recently published The Blueprint for an AI Bill of Rights: Making Automated Systems Work for the American People (the Blueprint), a set of five principles to help guide...more
We have heard time and time again that we should not reuse passwords across accounts—if a cybercriminal were to obtain access to the password of one account, they could then use such password to access multiple accounts. This...more
Many organizations have longstanding sustainability initiatives for reducing waste through efforts such as recycling or reductions in printing. However, organizations are now also looking to their use of technology to help...more
As many of our readers are aware, President Joseph Biden issued an executive order on May 12 to improve the nation’s cybersecurity. While much of the executive order focuses on strengthening the federal government’s networks...more
6/2/2021
/ Biden Administration ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Protection ,
Executive Orders ,
Internet of Things ,
Personal Data ,
Popular ,
Software ,
Supply Chain
Last week, we posted on the guidance issued by the US Department of Labor (DOL) for plan sponsors, plan fiduciaries, recordkeepers, and plan participants on cybersecurity best practices. Last week’s post focused on the...more
The US Department of Labor (DOL) recently announced guidance for plan sponsors, plan fiduciaries, recordkeepers and plan participants on cybersecurity best practices. The guidance focuses on three areas: (1) tips for hiring a...more
The US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently issued an advisory to remind US businesses about some aspects of ransomware scams and attacks. ...more
The US Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) published a report on January 27 outlining various industry practices and approaches to managing and combating...more
Washington may be the next state to enact its own data privacy law after a bill was introduced into the Washington State Senate earlier this month. Known as the Washington Privacy Act, the bill’s sponsor, Sen. Reuven Carlyle,...more
1/29/2020
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Data-Sharing ,
Facial Recognition Technology ,
Information Governance ,
Legislative Agendas ,
Opt-Outs ,
Penalties ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation ,
State and Local Government ,
Statutory Violations
The Federal Trade Commission (FTC) is requesting comments on proposed amendments to two rules addressing the privacy and security of customer information under the Gramm-Leach-Bliley Act. The FTC plans to publish the notices...more
Russia’s Central Bank, the financial markets regulator in Russia, might soon receive the right to block websites. On 24 January, the State Duma, the lower house of the Russian parliament, approved amendments in the first...more
The UK government recently released a policy paper outlining proposed requirements for makers of Internet of Things (IoT) devices to take certain actions to better protect IoT devices from growing cybersecurity threats....more
A recent report issued by the Federal Trade Commission (FTC) found that some web hosting services marketing their services to small businesses are not providing email authentication and anti-phishing technologies as part of...more
The Federal Trade Commission (FTC) submitted public comments to the US Department of Commerce’s National Telecommunications and Information Administration (NTIA) in connection with the NTIA’s draft guidance on improving the...more
The European Union Agency for Network and Information Security (ENISA), along with three semiconductor companies, recently released a position paper proposing a position for the European Commission (EC) on security and...more
In a recent post, we noted that the US federal government has become increasingly concerned about the security of Internet of Things (IoT) devices. On November 15, the US Department of Homeland Security (DHS) issued guidance...more
The annual State CIO Survey by the National Association of State Chief Information Officers (NASCIO) for 2016 found that the number of states outsourcing their IT applications and services has increased—with two-thirds of...more
Verizon’s annual report investigating data breach information finds that phishing—which it defines as malicious correspondence involving a link or attachment to install malware on the victim’s computer or system—is still the...more
Recent attempted cyberattacks that used Internet of Things (IoT) devices to effect the attempted attacks have led to growing concern within the federal government over the security of such devices and the potential such...more
UK Secretary of State Karen Bradley recently confirmed that the United Kingdom will implement the European Union’s General Data Protection Regulation (GDPR), the regulation by which the European Commission intends to...more