News & Analysis as of

Cybersecurity Framework

Less than One Month To Go!

by Locke Lord LLP on

On February 15, many insurance companies, producers and others with New York DFS licenses and other authorizations (except for certain entities and employees who have filed for an exemption) will need to file a compliance...more

Countdown to the First Annual New York DFS Cyber Regulation Certification

On February 15th, organizations subject to the New York Department of Financial Services Cybersecurity Regulation are required to submit their first annual certification attesting to their compliance with the state’s new data...more

New York DFS Cybersecurity Regulation Update: Lots Left To Do

by Locke Lord LLP on

Insurers and producers, banks, lenders and others licensed by the New York Department of Financial Services (DFS) have already had to comply with several of the requirements of the new DFS Cybersecurity Regulation, but for...more

NIST Releases Second Draft of Revised Cybersecurity Framework

Revising its guidance on internal assessments and highlighting the importance of managing cybersecurity within supply chains, the National Institute of Standards and Technology (NIST) released the second draft of Version 1.1...more

NAIC’s Model Law Opens Door for State Data Security Standards

by Pessin Katz Law, P.A. on

There appears to be no stopping the continued breathtaking pace of cyberattacks as we head into 2018. In 2017, the Equifax data breach exposed the nonpublic information of over 140 million consumers; there were allegations...more

NIST Publishes Draft 2 of the Revised NIST Cybersecurity Framework for Comment by January 19, 2018

by Balch & Bingham LLP on

On December 5, 2017, NIST published a revised version of the NIST Cybersecurity Framework (i.e., Draft 2 of Version 1.1) (“Framework”). According to NIST, Version 1.1 of the Framework refines, clarifies, and enhances Version...more

NIST Releases Updated Cyber Framework V1.1

by Alston & Bird on

On December 5, 2017, the National Institute of Standards and Technology (NIST) released a revised draft of its proposed updates to its Framework for Improving Critical Infrastructure Cybersecurity. The revised draft includes...more

Compliance With New York’s Cybersecurity Regulation 23 NYCRR Part 500

On March 1, 2017, New York’s Cybersecurity Regulation (23 NYCRR Part 500) became effective. The regulation is the first of its kind in the nation and requires certain companies, including banks, insurance companies and other...more

Proposed Ohio Law May Encourage Businesses to Adopt Cyber Standards

Recently proposed legislation in Ohio could provide businesses with special protection from lawsuits in the event of a hack under certain circumstances. Senate Bill 220 would shelter businesses that have been proactive in...more

Three October Bid Protest Decisions That May Affect Your Business

• First, an awardee is responsible for keeping tabs on what happens in a protest of its award, or it may not be able to submit its own challenge if the protest is sustained. • Second, mere compliance with cybersecurity...more

Forward Vision: New York’s Cybersecurity Regulation Imposes a Series of Deadlines

by Locke Lord LLP on

New York’s cybersecurity regulation that went into effect in March has far reaching implications. The first transition date for implementation of several requirements of the state’s Department of Financial Services regulation...more

Bay Area Conference Sheds Light on Emerging Cyber Insurance Considerations

On October 11, 2017, the National Association of Insurance Commissioners and the Stanford Cyber Initiative held a joint conference on various topics related to cyber insurance. Below are key takeaways and hot topics discussed...more

NAIC Adopts Model Cybersecurity Law

by Locke Lord LLP on

Based largely on the NY DFS Cybersecurity Regulation that became effective March 1, 2017, the NAIC has adopted a Model Cybersecurity Law that would, once adopted by the various states, establish significant requirements for...more

Privacy Tip #109 – Cybersecurity Tips for Small (and all) Businesses

I travel around helping businesses, both large and small, work on assessing their cybersecurity risks and implement measures to protect data, reduce risk and comply with applicable state and federal laws. In doing so, it is...more

Cyber Winter is Here, and Coming to Regulation: The New York Rules and the Future of Cybersecurity Regulation

The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more

Global Privacy & Cybersecurity Update Vol. 15

by Jones Day on

UNITED STATES - Regulatory—Policy, Best Practices, and Standards - FTC Comments on Improvements to IoT Device Security - On June 19, the Federal Trade Commission ("FTC") submitted comments to a working group organized by the...more

NIST Updates Its Security and Privacy Guidance

by Reed Smith on

Earlier this month, the National Institute of Standards and Technology (“NIST”) issued its fifth and latest draft of its “Security and Privacy Controls for Information Systems and Organizations” guidance document. The NIST...more

New York DFS Cyber Rules Go Live: Here’s Your Roadmap

by Orrick - Trust Anchor on

August 28, 2017 marks the end of the initial 180-day grace period for compliance under the New York Department of Financial Services’ “first-in-the-nation” cybersecurity regulations (the “Rules”). The initial regulations...more

NIST Publishes Updated Cybersecurity Guidance and Guidance on Passwords

The National Institute of Science and Technology (NIST) has long been a leading authority in Cybersecurity—even before Cybersecurity became a household name. It originally published its Cybersecurity Framework-intended not...more

Analysis: Cyber-Monitoring: The Next Frontier

by Dickinson Wright on

Cybersecurity is “hot” and will stay “hot” for corporations, executives, regulators, law enforcement and legislators. Rarely is there a corporate compliance discussion in 2017 where cyber isn’t “the” topic or a material part...more

Deadline to Meet DFS Cyber Regulation Is Monday

Banks, insurance companies and other financial institutions have only a few days left to comply with the first wave of requirements under New York’s controversial new cybersecurity regulation....more

NYSDFS Upcoming Deadline Fast Approaching: First Key Date is August 28, 2017

by Shipman & Goodwin LLP on

On March 1, 2017, the New York State Department of Financial Services’ (“DFS”) first-in-nation Cybersecurity Regulations for the purpose of protecting consumers and financial institutions from cyber-attacks went into effect...more

NAIC Cybersecurity Working Group Votes to Approve Insurance Data Security Model Law

by Carlton Fields on

The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Working Group (Cybersecurity WG) approved Version 6 (Finalized) of its Insurance Data Security Model Law (Model) on August 7 at the NAIC Summer...more

DFS Cyber Regulation Countdown: Who Should Certify Compliance?

Companies subject to New York’s Department of Financial Services (DFS) new cybersecurity regulation should be preparing to comply with the first round of requirements by the upcoming August 28th deadline: enacting a...more

A Guide to NYDFS Cybersecurity Regulations’ August 28 Implementation Deadline

by Hogan Lovells on

As a follow-up to our previous reports (December 30, 2016 Alert; February 24, 2017 Alert) regarding the cybersecurity regulations issued by the New York State Department of Financial Services (NYDFS), we would like to remind...more

278 Results
|
View per page
Page: of 12
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.