No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
INTRODUCTION - The acceleration of cyber-attacks on companies in Hong Kong in the last year or so (– with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of Hong Kong in 2023,...more
In July, Connecticut passed a largely unnoticed new law that followed in the footsteps of Ohio and Utah in limiting damages or creating affirmative defenses for business that experience a data breach after implementing a...more
The New York Department of Financial Services (NYDFS) has launched its first enforcement action under New York’s Cybersecurity law for financial services, so-called Part 500. Part 500 requires NYDFS licensed institutions to...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
As states fill the legal void for consumer privacy rights,[1] a new federal standard has emerged to assist companies with their compliance efforts. The National Institute of Standards and Technology (“NIST”) Privacy Framework...more
Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and...more
WHAT YOU NEED TO KNOW: Ohio is taking a unique approach to addressing data breaches by offering businesses meeting certain requirements with a safe harbor against lawsuits following a data breach. Specifically, the act...more
With full implementation of New York’s groundbreaking cybersecurity regulation only six weeks away, the state’s top banking regulator took the opportunity to praise the many financial institutions that have adopted systems to...more
The Ohio legislature recently passed S.B. 220, which gives businesses that suffer a data breach an affirmative defense against tort claims brought in class action suits....more
A new bill introduced by House Financial Services subcommittee Chairman Rep. Blaine Luetkemeyer would significantly change data security and breach notification standards for the financial services and insurance industries. ...more
We reported last week that a spyware maker recently compromised users’ and victims’ sensitive information. Since that time, another spyware maker, mSpy, which holds itself out as having over a million users employing its...more
On September 4, 2018, the third stage of compliance deadlines under the New York Department of Financial Services’ (DFS) expansive cybersecurity regulation went into effect....more
The New York State Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) came into effect March 1, 2017...more
Last month, the New York State Department of Financial Services (NYDFS) proclaimed, “In an era of weakened federal government oversight, strong state regulation is essential in order to safeguard our markets, ensure strong...more
The need for cybersecurity continues to increase as technology advances. Over the past few years, a number of major corporations have fallen victim to hackers due to seemingly minor oversights and a failure to properly manage...more
Last week, the New York Department of Financial Services (DFS) sent notices to companies that had not yet certified their compliance with the DFS Cybersecurity Regulation....more
On March 1, 2018, the one year transition period within which banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (“Covered Entities”)...more
For the several thousand financial institutions and insurance companies covered by New York’s landmark data security regulation, the first certification of compliance must be filed with the State’s Department of Financial...more
On February 15th, organizations subject to the New York Department of Financial Services Cybersecurity Regulation are required to submit their first annual certification attesting to their compliance with the state’s new data...more
I travel around helping businesses, both large and small, work on assessing their cybersecurity risks and implement measures to protect data, reduce risk and comply with applicable state and federal laws. In doing so, it is...more
August 28, 2017 marks the end of the initial 180-day grace period for compliance under the New York Department of Financial Services’ “first-in-the-nation” cybersecurity regulations (the “Rules”). The initial regulations...more