On June 23, 2022, the Office of the Comptroller of the Currency (OCC) released its Semiannual Risk Perspective (SRP) for spring 2022. In the SRP, the OCC opines on its current safety and soundness concerns for banks under...more
The televised “thud” of explosions in Ukraine has an ominous but deceptively distant tone. For many organizations the hostilities are closer at hand, in the form of cyberattacks that could spread beyond the Russian-Ukrainian...more
Recent industry feedback published by the UK Financial Conduct Authority shares insights on the identification and management of cybersecurity challenges and mitigation strategies for financial services firms. The feedback...more
In a release aptly labeled “A Starting Point for IoT Device Manufacturers” the National Institute of Standards and Technology (NIST), an arm of the Department of Commerce, recently added to the discussion with the...more
The Internet Society’s Online Trust Alliance just released its 2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.” That’s our experience, too. Below are our highlights from the...more
Cryptocurrency Exchanges Move Closer to Live Trading, New Stablecoins Announced - More cryptocurrency exchanges are going live. ErisX announced the launch of its spot market, saying it will immediately support dollar...more
Take a journey around the world as our Cybersecurity & Preparedness Response Team reviews how the United States responded to state-sponsored cyberattacks and offers 10 lessons the private sector can use to strengthen their...more
This past September, California became the first state to take a first (small) step in addressing Internet of Things (IoT) security. IoT devices include home security cameras, home temperature controllers, and a myriad of...more
The Ugly of Technology — Ransomware Technology is fundamentally good and helpful to us; but, like so many things in our modern world, there is the good…the bad…and the ugly. In October 2016, what might have been the largest...more
The unveiling of the draft cybersecurity bill sheds light on proposed cybersecurity compliance standards and the broad, sweeping powers of Singapore’s Cyber Security Agency....more
Banks’ boards of directors must, among other things, understand the risks associated with existing and planned IT operations, monitor risk management, and work with senior bank managers on strategic technology planning. See...more
EDITOR’S NOTE - Hope you survived all of those awkward Thanksgiving holiday conversations— amazing how divided people are on whether the court got it right in the PHH case, isn’t it? So on we go into the holiday season,...more
In an apparent effort to fight the kinds of cyberattacks like the massive distributed denial-of-service (DDoS) attack that crippled much of the American internet in October 2016, the Department of Homeland Security (DHS)...more
The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level. Before the Thanksgiving recess, the House’s Committee on Energy and Commerce got in on the act when two of its...more
Smart machines connected to the internet have become ubiquitous in our daily lives. They make up the Internet of Things (“IoT”), a vast web of interconnected iPhones and Fitbits, tablets and cameras, even baby monitors and...more
Two actions in the past few weeks reflect the continuing government involvement in and concern over the security of Internet of Things (IoT) devices. Attacks using connected devices have highlighted security vulnerabilities...more
The recent distributed denial of service (“DDOS”) attack on domain name service provider Dyn is likely to result in greater scrutiny by regulators and lawmakers of the potential risks associated with the increasing use of the...more
On November 16, 2016 the House Committee on Energy and Commerce’s Subcommittee on Commerce, Manufacturing, and Trade and the Subcommittee on Communications and Technology held a hearing on “Understanding the Role of Connected...more
Baker Donelson's Data Protection, Privacy and Cybersecurity attorneys are pleased to introduce a series of client alerts that will address significant cyber-threats to your business and how you can protect yourself by...more
On Oct. 21, 2016, an extremely large distributed denial-of-service (DDoS) attack on Dyn prevented many internet users on the East Coast of the U.S. from accessing websites such as Netflix, PayPal, Spotify and Twitter for...more
On October 25, 2016, the Financial Crimes Enforcement Network (“FinCEN”) issued an advisory (the “Advisory”) explaining the obligations a “financial institution” might have under the Bank Secrecy Act (“BSA”) regarding...more
Last week, FinCEN (Financial Crimes Enforcement Network) issued a formal Advisory to Financial Institutions and published FAQs outlining specific cybersecurity events that should be reported through Suspicious Activity...more
The recent massive distributed denial of service (DDoS) attack that caused major internet outages was led by an army of security cameras, digital video recorders, and other Internet of Things ("IoT") devices that had been...more
Beginning early on October 21, 2016, Dyn, a New Hampshire based internet service company, was the victim of three distributed denial of service (DDoS) attacks. The first attack began at 7am ET and was resolved within about...more
In an era of cyberwarfare, financial institutions can find themselves in the crossfire. The U.S. government indicted seven Iranian hackers last week, charging the individuals for their roles in a 2011 series of cyber-attacks...more