News & Analysis as of

Cybersecurity Framework

NIST Publishes Draft 2 of the Revised NIST Cybersecurity Framework for Comment by January 19, 2018

by Balch & Bingham LLP on

On December 5, 2017, NIST published a revised version of the NIST Cybersecurity Framework (i.e., Draft 2 of Version 1.1) (“Framework”). According to NIST, Version 1.1 of the Framework refines, clarifies, and enhances Version...more

NIST Releases Updated Cyber Framework V1.1

by Alston & Bird on

On December 5, 2017, the National Institute of Standards and Technology (NIST) released a revised draft of its proposed updates to its Framework for Improving Critical Infrastructure Cybersecurity. The revised draft includes...more

Compliance With New York’s Cybersecurity Regulation 23 NYCRR Part 500

On March 1, 2017, New York’s Cybersecurity Regulation (23 NYCRR Part 500) became effective. The regulation is the first of its kind in the nation and requires certain companies, including banks, insurance companies and other...more

Proposed Ohio Law May Encourage Businesses to Adopt Cyber Standards

Recently proposed legislation in Ohio could provide businesses with special protection from lawsuits in the event of a hack under certain circumstances. Senate Bill 220 would shelter businesses that have been proactive in...more

Three October Bid Protest Decisions That May Affect Your Business

• First, an awardee is responsible for keeping tabs on what happens in a protest of its award, or it may not be able to submit its own challenge if the protest is sustained. • Second, mere compliance with cybersecurity...more

Forward Vision: New York’s Cybersecurity Regulation Imposes a Series of Deadlines

by Locke Lord LLP on

New York’s cybersecurity regulation that went into effect in March has far reaching implications. The first transition date for implementation of several requirements of the state’s Department of Financial Services regulation...more

Bay Area Conference Sheds Light on Emerging Cyber Insurance Considerations

On October 11, 2017, the National Association of Insurance Commissioners and the Stanford Cyber Initiative held a joint conference on various topics related to cyber insurance. Below are key takeaways and hot topics discussed...more

NAIC Adopts Model Cybersecurity Law

by Locke Lord LLP on

Based largely on the NY DFS Cybersecurity Regulation that became effective March 1, 2017, the NAIC has adopted a Model Cybersecurity Law that would, once adopted by the various states, establish significant requirements for...more

Privacy Tip #109 – Cybersecurity Tips for Small (and all) Businesses

I travel around helping businesses, both large and small, work on assessing their cybersecurity risks and implement measures to protect data, reduce risk and comply with applicable state and federal laws. In doing so, it is...more

Cyber Winter is Here, and Coming to Regulation: The New York Rules and the Future of Cybersecurity Regulation

The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more

Global Privacy & Cybersecurity Update Vol. 15

by Jones Day on

UNITED STATES - Regulatory—Policy, Best Practices, and Standards - FTC Comments on Improvements to IoT Device Security - On June 19, the Federal Trade Commission ("FTC") submitted comments to a working group organized by the...more

NIST Updates Its Security and Privacy Guidance

by Reed Smith on

Earlier this month, the National Institute of Standards and Technology (“NIST”) issued its fifth and latest draft of its “Security and Privacy Controls for Information Systems and Organizations” guidance document. The NIST...more

New York DFS Cyber Rules Go Live: Here’s Your Roadmap

by Orrick - Trust Anchor on

August 28, 2017 marks the end of the initial 180-day grace period for compliance under the New York Department of Financial Services’ “first-in-the-nation” cybersecurity regulations (the “Rules”). The initial regulations...more

NIST Publishes Updated Cybersecurity Guidance and Guidance on Passwords

The National Institute of Science and Technology (NIST) has long been a leading authority in Cybersecurity—even before Cybersecurity became a household name. It originally published its Cybersecurity Framework-intended not...more

Analysis: Cyber-Monitoring: The Next Frontier

by Dickinson Wright on

Cybersecurity is “hot” and will stay “hot” for corporations, executives, regulators, law enforcement and legislators. Rarely is there a corporate compliance discussion in 2017 where cyber isn’t “the” topic or a material part...more

Deadline to Meet DFS Cyber Regulation Is Monday

Banks, insurance companies and other financial institutions have only a few days left to comply with the first wave of requirements under New York’s controversial new cybersecurity regulation....more

NYSDFS Upcoming Deadline Fast Approaching: First Key Date is August 28, 2017

by Shipman & Goodwin LLP on

On March 1, 2017, the New York State Department of Financial Services’ (“DFS”) first-in-nation Cybersecurity Regulations for the purpose of protecting consumers and financial institutions from cyber-attacks went into effect...more

NAIC Cybersecurity Working Group Votes to Approve Insurance Data Security Model Law

by Carlton Fields on

The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Working Group (Cybersecurity WG) approved Version 6 (Finalized) of its Insurance Data Security Model Law (Model) on August 7 at the NAIC Summer...more

DFS Cyber Regulation Countdown: Who Should Certify Compliance?

Companies subject to New York’s Department of Financial Services (DFS) new cybersecurity regulation should be preparing to comply with the first round of requirements by the upcoming August 28th deadline: enacting a...more

A Guide to NYDFS Cybersecurity Regulations’ August 28 Implementation Deadline

by Hogan Lovells on

As a follow-up to our previous reports (December 30, 2016 Alert; February 24, 2017 Alert) regarding the cybersecurity regulations issued by the New York State Department of Financial Services (NYDFS), we would like to remind...more

New Cybersecurity Rules for Colorado Investment Advisers and Broker-Dealers

by Snell & Wilmer on

Colorado has adopted new rules that add cybersecurity requirements for certain entities with Colorado securities licenses. The rules are from the regulatory agency the Division of Securities. It licenses securities...more

New Connecticut Insurance Department Bulletin on Data Security Requirements

by Polsinelli on

Connecticut Bulletin MC-23. The Connecticut Insurance Department issued Bulletin MC-23 on June 13, 2017. The Bulletin addresses certification and notice requirements for data security requirements applicable to TPAs and PBMs...more

New York’s New Cybersecurity Regulations and its Impact on your Sensitive Health Information

by Farrell Fritz, P.C. on

Effective March 1, 2017, the New York State Department of Financial Services promulgated regulations to help protect against cybercriminals and their efforts to exploit sensitive electronic data. These cybersecurity...more

Connecticut Releases Cybersecurity Strategy

On July 10, 2017, Connecticut Governor Dannel P. Malloy released Connecticut Cybersecurity Strategy, that outlines seven key principles to assist with strengthening efforts to protect the state’s cybersecurity defenses for...more

The Top Eight Things You Should Be Doing to Protect Your Business from Cyber Threats

by Burr & Forman on

Cyber threats take many forms. The wide-spread WannaCry ransomware attack in May of 2017 highlighted how computer files could be held hostage in return for payment, while the Dyn denial of service in October of 2016...more

275 Results
|
View per page
Page: of 11
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.