No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
Our Privacy, Cyber & Data Strategy Team discusses the new Cyber Resilience Act (CRA) that affects manufacturers and distributors of connected devices that are in use anywhere in the European Union....more
On December 4, 2024, four of the five members of the Five Eyes intelligence-sharing group (the United States, Australia, Canada, and New Zealand) law enforcement and cyber security agencies (Agencies) published a joint guide...more
The increased use of artificial intelligence (AI) in the banking, insurance, and financial services industries has led the New York State Department of Financial Services (NYDFS or Department) to publish an Industry Letter on...more
Financial institutions and securities market participants continue to face escalating cyber threats – in frequency, volume, and severity. The many reasons for the escalating risk include: Financial services companies are...more
The conclusion of Cybersecurity Awareness Month is a reminder of the importance for organizations to implement robust security measures and promote good cyber hygiene. As we noted in our State of the Cyber Landscape webinar,...more
Our Health Care and Privacy, Cyber & Data Strategy Groups cover an upcoming proposed rule from U.S. Health and Human Services (HHS) that would formalize cybersecurity requirements and allow the Office for Civil Rights (OCR)...more
BACKGROUND - On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued guidance and strategies (“Guidance”) concerning cybersecurity risks that arise in response to the advancements in artificial intelligence...more
Introduction It wouldn't be much of an exaggeration to say that NIS2 is the acronym on everyone's lips. When coupled with its European sister legislation DORA, we encounter a regulatory twosome that make GDPR feel like...more
INTRODUCTION - The acceleration of cyber-attacks on companies in Hong Kong in the last year or so (– with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of Hong Kong in 2023,...more
Earlier this year, the National Institute of Standards and Technology (NIST) issued an update to its Cybersecurity Framework (CSF) with the release of version 2.0, the first update since April 2018 (version 1.1). While the...more
In response to “multiple” cyber threat vectors, the Biden administration has asked governors of all 50 states to generate cybersecurity plans within 90 days (approximately July 1, 2024) to protect local water and wastewater...more
As businesses strive to do more with less, they are turning to technologies that can provide comprehensive visibility and insights into their operations. XDR (eXtended Detection and Response) technology is a solution that...more
GREAT SCOTT! Did you know publication of the NIST Cybersecurity Framework (CSF) 2.0 is around the corner? Last updated in 2018, NIST is making substantial changes to the CSF due to evolving threats. What are these changes?...more
Last week, the Department of Justice (DOJ) issued the first report of its Cyber-Digital Task Force. The Task Force, which is comprised of several long-time DOJ officials, was tasked with distilling how the DOJ responds to...more
This week, the U.S. Department of Justice (DOJ) released a much-anticipated report from its Cyber-Digital Task Force. The task force was formed by Attorney General Jeff Sessions in February of 2018 with the goal of addressing...more
Cyber threats take many forms. The wide-spread WannaCry ransomware attack in May of 2017 highlighted how computer files could be held hostage in return for payment, while the Dyn denial of service in October of 2016...more
Earlier this year, the National Association of Corporate Directors (NACD) released an updated version of its Director’s Handbook on Cyber-Risk Oversight (Handbook). The updates add 16 pages of content to the previously...more
On May 11, 2017, the White House released its long-awaited Executive Order on cybersecurity (EO). The EO directs Executive Branch agencies to develop plans to assess and improve the cybersecurity of their own operations,...more
In June 2016, the Financial Stability Oversight Council (“FSOC” or the “Council”) released its Annual Report. The Council discussed the continued “pressing concern” of cyber threats and vulnerabilities and also focused on...more
Threat intelligence services provide information about the identities, motivations, characteristics, and methods of attackers. See Rob McMillan, Khushbu Pratap, “Market Guide for Security Threat Intelligence Services,” 3,...more
On September 21, 2015, the National Association of Insurance Commissioners (NAIC) IT Examination Working Group adopted amendments to the IT section of the Financial Condition Examiners Handbook (“the Handbook”). The changes...more
Chinese President Xi Jinping made his first state visit to the United States last week, and his itinerary included meetings with U.S. technology company leaders as well as President Barack Obama. Not surprisingly, his hosts...more
Records produced by the U.S. Department of Energy (“DOE”) to USA TODAY under a Freedom of Information Act request revealed over 150 successful cyber intrusions into DOE computer systems between 2010 and 2014. Concerns about...more
The Cybersecurity Task Force of the National Association of Insurance Commissioners (the “NAIC”) met last month, as part of on the NAIC’s 2015 Summer National Meeting in Chicago. The Task Force focused on two issues: the...more