No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
At what point has a director served too long? What about term limits? A mandatory retirement age? When do a director’s skills become stale? These issues are addressed in this issue of The Informed Board, as well as why proxy...more
The conclusion of Cybersecurity Awareness Month is a reminder of the importance for organizations to implement robust security measures and promote good cyber hygiene. As we noted in our State of the Cyber Landscape webinar,...more
Organizations can prevent cyberattacks and minimize liability risks by reviewing and implementing these 10 important steps: Adopt a Zero Trust Network Access Framework, which requires all users to be authenticated,...more
October is here, and as we prepare for pumpkin spice lattes, fall sweaters, and scary decorations, there's one thing your business can't afford to ignore this month: cybersecurity. Welcome to Hack-tober, or as it's officially...more
INTRODUCTION - The acceleration of cyber-attacks on companies in Hong Kong in the last year or so (– with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of Hong Kong in 2023,...more
By March 31, 2025, U.K. firms regulated by the Financial Conduct Authority will be required to have conducted mapping and testing to ensure they remain within their impact tolerances for identified operational risks of...more
Earlier this year, the National Institute of Standards and Technology (NIST) issued an update to its Cybersecurity Framework (CSF) with the release of version 2.0, the first update since April 2018 (version 1.1). While the...more
CYBERSECURITY - Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP - Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more
The legal profession is under constant threat of cyberattacks and breaches. Cybersecurity challenges exist in many contexts but the legal profession is particularly vulnerable due to its federated environment and disparate...more
Ransomware incidents continue to be on the rise, wreaking havoc for organizations globally. Ransomware attacks target an organization’s data or infrastructure, and, in exchange for releasing the captured data or...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft NIST SP 800-160, Volume 2, Revision 1, “Developing Cyber-Resilient Systems: A Systems Security Engineering Approach,” and draft NIST...more
Cyberattacks on organizations with large consumer databases have been on the rise recently. This is certainly true for the insurance industry, which also has been migrating more business to online platforms in an effort to...more
The recent SolarWinds attack alerted the world to the risk of a cyber supply chain attack—an attack through or on your company’s vendors or suppliers. It is increasingly clear that even if you take all the right steps to...more
On February 4, the New York Department of Financial Services (NYDFS) released Insurance Circular Letter No. 2 (2021), a Cyber Insurance Risk Framework (Framework) for insurers that write cyber insurance....more
The year is 2013: The Obama administration just signed Executive Order 13636, calling for the sharing of cybersecurity risk information and a framework for reducing such risk. It was then that the National Institute of...more
For Cybersecurity and Privacy, “What Are the Industry Standards? Are We Meeting Them?” These are questions the FTC Chairman, Joseph Simons, strongly suggested a CEO must ask before a data breach occurs to avoid the...more
The recently announced federal government cybersecurity certification program is targeted at small- and medium-sized enterprises (SMEs), but larger organizations should also take note....more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Releases Internal Report Regarding IoT Cybersecurity - In September, the National Institute of Standards and Technology ("NIST") released a draft...more
The Ohio legislature recently passed S.B. 220, which gives businesses that suffer a data breach an affirmative defense against tort claims brought in class action suits....more
In February 2014 the U.S. National Institute of Standards in Technology (‘NIST’) published the ?rst NIST Cybersecurity Framework, responding to an Executive Order on improving critical infrastructure cybersecurity issued by...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - FTC Comments on Improvements to IoT Device Security - On June 19, the Federal Trade Commission ("FTC") submitted comments to a working group organized by the...more
Cyber threats take many forms. The wide-spread WannaCry ransomware attack in May of 2017 highlighted how computer files could be held hostage in return for payment, while the Dyn denial of service in October of 2016...more
Amid the flurry following former FBI Director James Comey’s firing last week, President Trump marked his 111th day in office on Thursday, May 11th by signing an executive order targeting national cybersecurity....more
In an effort to combat the growing prevalence of large-scale corporate cyberattacks, the New York Department of Financial Services (“NYDFS”) is rolling out a revamped cybersecurity regulation for financial services companies...more
In the past month, the National Institute of Standards and Technology (NIST) has issued a draft update to its flagship cybersecurity framework as well as new standalone guidance on how organizations can plan to recover from...more