On June 15, the Securities and Exchange Commission announced a settlement with First American Financial Corporation for what the SEC found were inadequate disclosure controls and procedural violations, revealed in connection...more
Earlier this month, the Supreme Court issued its first major decision on the Computer Fraud and Abuse Act (“CFAA”) in Van Buren v. United States. The decision has significant implications for how organizations protect...more
Recent ransomware attacks against U.S. critical infrastructure, which includes the energy sector’s production of oil and natural gas, and other sources of electricity and power, have shed a spotlight on the importance of...more
5/13/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Incident Response Plans ,
International Emergency Economic Powers Act (IEEPA) ,
NIST ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
Risk Mitigation ,
Trading with the Enemy Act
Ransomware has emerged as one of the most virulent cybersecurity risks, affecting public and private sector alike. In recent years, ransomware attacks have become more focused, sophisticated, costly, and numerous. Threat...more
10/15/2020
/ Civil Monetary Penalty ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Security ,
Economic Sanctions ,
FBI ,
International Emergency Economic Powers Act (IEEPA) ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
SDN List ,
U.S. Treasury
On September 11, 2020, U.S. Representatives Bill Foster (D-IL), John Katko (R-NY), Jim Langevin (D-RI), and Barry Loudermilk (R-GA) introduced H.R. 8215, the Improving Digital Identity Act of 2020 (“the Act”) to address the...more
GDPR, the key piece of European privacy law, sets out strict controls on the transfer of personal data from the EU to non-EU jurisdictions and makes it unlawful to transfer personal data from the EU to a non-EU based...more
As the patchwork of state and local stay-at-home restrictions lighten, organizations are exploring safe return-to-work options, including the use of contact-tracing mobile apps for employees while on company premises. Such a...more
6/16/2020
/ Americans with Disabilities Act (ADA) ,
Applications ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
COVID-19 Consumer Data Protection Act ,
Data Collection ,
Employee Privacy Rights ,
Equal Employment Opportunity Commission (EEOC) ,
OSHA ,
Smartphones ,
Virus Testing ,
Workplace Safety
As greater amounts of data are being collected to track and mitigate the spread of COVID-19, concerns about personal privacy have led lawmakers in Congress from both parties to introduce legislation to ensure appropriate...more
The New York Department of Financial Services’ (DFS) cybersecurity regulation imposes significant requirements on financial services companies doing business in New York. DFS, which enforces the regulation, has remained...more
This past Friday, March 1, 2019, marked the second anniversary and final effective date of the New York Department of Financial Services (DFS)’s cybersecurity regulation. Since its enactment, regulated institutions, subject...more