No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...more
GREAT SCOTT! Did you know publication of the NIST Cybersecurity Framework (CSF) 2.0 is around the corner? Last updated in 2018, NIST is making substantial changes to the CSF due to evolving threats. What are these changes?...more
Crypto-asset transactions are rapidly growing in popularity. However, a surge of cybersecurity breaches and hacker attacks on cryptocurrency exchanges and cryptocurrency wallet service providers has caused billions of dollars...more
In July, Connecticut passed a largely unnoticed new law that followed in the footsteps of Ohio and Utah in limiting damages or creating affirmative defenses for business that experience a data breach after implementing a...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - President Biden Issues Cybersecurity Executive Order - On May 12, 2021, President Biden issued an executive order that placed new standards on the...more
Sometimes it takes a public event to remind corporate risk managers about the importance of effective risk management. While corporate risk management functions have become yet another “hot” topic or new-fangled response to...more
On February 4, the New York Department of Financial Services (NYDFS) released Insurance Circular Letter No. 2 (2021), a Cyber Insurance Risk Framework (Framework) for insurers that write cyber insurance....more
United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - FTC Submits Comment on the Preliminary Draft for the NIST Privacy Framework - On October 24, 2019, the Federal Trade Commission ("FTC") announced that...more
The United States Government Accounting Office (GAO) recently issued a report on the cybersecurity risks facing the electric grid. The GAO reviewed the cybersecurity of the electric grid to determine the risks and challenges...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Releases Internal Report Regarding IoT Cybersecurity - In September, the National Institute of Standards and Technology ("NIST") released a draft...more
The Ohio legislature recently passed S.B. 220, which gives businesses that suffer a data breach an affirmative defense against tort claims brought in class action suits....more
We reported last week that a spyware maker recently compromised users’ and victims’ sensitive information. Since that time, another spyware maker, mSpy, which holds itself out as having over a million users employing its...more
The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more
Effective March 1, 2017, the New York State Department of Financial Services promulgated regulations to help protect against cybercriminals and their efforts to exploit sensitive electronic data. These cybersecurity...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
Ambitious and broad-reaching, the Global Data Protection Regulation is impacting companies around the world. Listen as Partner Harriet Pearson and Head of our Privacy and Cybersecurity practice in Europe Eduardo Ustaran talk...more
Partner Harriet Pearson and Head of our Privacy and Cybersecurity practice in Europe Eduardo Ustaran discuss the Global Data Protection Regulation and what companies need to know now. ...more
In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more
There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more
Cybersecurity and privacy of customer information have become such a critical issues that in-house counsel should treat them as board of directors-level issues. In-house counsel should do that with presentations for their...more
Information is every organization’s greatest asset. It makes up intellectual property, trade secrets and many other vital corporate assets. It’s how we in corporate America conduct business. With that said, governing and...more
The results of a Raytheon commissioned Ponemon study released on June 7, 2016 shows that at least two-thirds of businesses wait until they have experienced a cyber-attack or data breach to hire and retain security vendors to...more