On June 23, 2022, the Office of the Comptroller of the Currency (OCC) released its Semiannual Risk Perspective (SRP) for spring 2022. In the SRP, the OCC opines on its current safety and soundness concerns for banks under...more
In its April 27 Weekly Update, the Financial Industry Regulatory Authority’s (“FINRA”) National Cause and Financial Crimes Detection program urged FINRA member firms to review a cyber-threat alert arising from Russia’s...more
The televised “thud” of explosions in Ukraine has an ominous but deceptively distant tone. For many organizations the hostilities are closer at hand, in the form of cyberattacks that could spread beyond the Russian-Ukrainian...more
Recent industry feedback published by the UK Financial Conduct Authority shares insights on the identification and management of cybersecurity challenges and mitigation strategies for financial services firms. The feedback...more
In a release aptly labeled “A Starting Point for IoT Device Manufacturers” the National Institute of Standards and Technology (NIST), an arm of the Department of Commerce, recently added to the discussion with the...more
The Internet Society’s Online Trust Alliance just released its 2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.” That’s our experience, too. Below are our highlights from the...more
The FBI’s Internet Crime Complaint Center, better known as IC3, released its 2018 Internet Crimes Report. For those unfamiliar with the IC3, it was established by the FBI in May 2000 as a central repository for public...more
Cryptocurrency Exchanges Move Closer to Live Trading, New Stablecoins Announced - More cryptocurrency exchanges are going live. ErisX announced the launch of its spot market, saying it will immediately support dollar...more
Take a journey around the world as our Cybersecurity & Preparedness Response Team reviews how the United States responded to state-sponsored cyberattacks and offers 10 lessons the private sector can use to strengthen their...more
This past September, California became the first state to take a first (small) step in addressing Internet of Things (IoT) security. IoT devices include home security cameras, home temperature controllers, and a myriad of...more
The OIG added eight new items to its Work Plan in the June 2018 update. Among the items addressed are contingency planning for information technology systems, denials and appeals in Medicare Part D, review of certain home...more
The Ugly of Technology — Ransomware Technology is fundamentally good and helpful to us; but, like so many things in our modern world, there is the good…the bad…and the ugly. In October 2016, what might have been the largest...more
The unveiling of the draft cybersecurity bill sheds light on proposed cybersecurity compliance standards and the broad, sweeping powers of Singapore’s Cyber Security Agency....more
Banks’ boards of directors must, among other things, understand the risks associated with existing and planned IT operations, monitor risk management, and work with senior bank managers on strategic technology planning. See...more
EDITOR’S NOTE - Hope you survived all of those awkward Thanksgiving holiday conversations— amazing how divided people are on whether the court got it right in the PHH case, isn’t it? So on we go into the holiday season,...more
In an apparent effort to fight the kinds of cyberattacks like the massive distributed denial-of-service (DDoS) attack that crippled much of the American internet in October 2016, the Department of Homeland Security (DHS)...more
The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level. Before the Thanksgiving recess, the House’s Committee on Energy and Commerce got in on the act when two of its...more
Smart machines connected to the internet have become ubiquitous in our daily lives. They make up the Internet of Things (“IoT”), a vast web of interconnected iPhones and Fitbits, tablets and cameras, even baby monitors and...more
Two actions in the past few weeks reflect the continuing government involvement in and concern over the security of Internet of Things (IoT) devices. Attacks using connected devices have highlighted security vulnerabilities...more
The recent distributed denial of service (“DDOS”) attack on domain name service provider Dyn is likely to result in greater scrutiny by regulators and lawmakers of the potential risks associated with the increasing use of the...more
On November 16, 2016 the House Committee on Energy and Commerce’s Subcommittee on Commerce, Manufacturing, and Trade and the Subcommittee on Communications and Technology held a hearing on “Understanding the Role of Connected...more
Baker Donelson's Data Protection, Privacy and Cybersecurity attorneys are pleased to introduce a series of client alerts that will address significant cyber-threats to your business and how you can protect yourself by...more
On Oct. 21, 2016, an extremely large distributed denial-of-service (DDoS) attack on Dyn prevented many internet users on the East Coast of the U.S. from accessing websites such as Netflix, PayPal, Spotify and Twitter for...more
On October 25, 2016, the Financial Crimes Enforcement Network (“FinCEN”) issued an advisory (the “Advisory”) explaining the obligations a “financial institution” might have under the Bank Secrecy Act (“BSA”) regarding...more
Last week, FinCEN (Financial Crimes Enforcement Network) issued a formal Advisory to Financial Institutions and published FAQs outlining specific cybersecurity events that should be reported through Suspicious Activity...more