Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
The FTC has made news recently with its recent enforcement activity regarding companies’ alleged disclosures of consumer health data, as detailed in our recent post FTC to Advertisers: We’re tracking Your Use of Health...more
Hosted by ACI, 18th Annual Paragraph IV Disputes Conference returns to New York City for another exciting year with curated programming that not only addresses the hot topics, but also puts them within the context of pre-suit...more
The Federal Trade Commission (FTC) has announced that the effective date for the new substantive information security requirements in the revised Safeguard Rule has been extended from December 9, 2022 to June 9, 2023....more
The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over 2.5 million...more
In the late summer, the Consumer Financial Protection Bureau (CFPB) issued a circular that concluded in no uncertain terms that insufficient data protection or information security could be considered an unfair practice under...more
Auto dealerships that provide financing are subject to the Gramm Leach Bliley Act (GLBA). That’s the old news. What’s new is that GLBA-covered businesses have until December 9 to implement significant changes to their...more
The Federal Trade Commission’s revised Safeguards Rule, which enumerates specific cybersecurity standards and procedures, will impose many new obligations on companies that are covered as “financial institutions” under the...more
The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...more
Commercial landlords and tenants are preparing to safeguard their employees and customers from COVID-19 risks. Thermal cameras to measure temperatures, facial recognition, Bluetooth, Wi-Fi, and GPS are all being leveraged to...more
The FTC recently summarized three major changes it made to its orders in data security cases. In a blog signaling these changes, the FTC Indicated that some of the things it has been requiring of companies in 2019 are here to...more
Yesterday, Andrew Smith, Director of the FTC’s Bureau of Consumer Protection, announced the following three major improvements that have been made to FTC orders in data security cases...more
Three million fraud cases were reported to the FTC in 2018, and 444,602 of them involved identity theft. These reported cases (just think of how high the statistic would be if all cases were reported) amounts to the third...more
InfoTrax Systems, a Utah-based technology company, has agreed to implement a comprehensive data security program to settle Federal Trade Commission allegations that the company failed to put in place reasonable security...more
The Department of Veterans Affairs’ Office of Inspector General (VA OIG) recently completed an audit of the VA’s Milwaukee Regional Office after it was tipped off by a whistleblower about the exposure of sensitive information...more
Although Amazon and Google respond to reports of vulnerabilities in popular home smart assistants Alexa and Google Home, hackers continually work hard to exploit any vulnerabilities in order to listen to users’ every word to...more
Would you hand over your smartphone, including your call history, text messages, photos, GPS locations, and browser history to your employer? To your significant other? How about to a random stranger? I’m guessing your answer...more
The Security Summit, consisting of the Internal Revenue Service (“IRS”), state tax agencies, and private-sector tax industry officials, is encouraging tax professionals during the 2019 summer season to take some time to...more
In a set of recent settlements, the Federal Trade Commission (the FTC or Commission) resolved charges against two companies, ClixSense and D-Link, for failing to provide reasonable security and to live up to their data...more
The Federal Trade Commission is putting more teeth into the multiyear compliance obligations of consent orders it enters into with companies to settle enforcement actions related to data breaches. The FTC recently issued a...more
On February 28th, the Federal Trade Commission (“FTC”) released a report that offers several recommendations on ways to improve the security of mobile devices. ...more
As the number of smart devices in homes connected to the Internet continues to grow, the need to keep home networks secure becomes increasingly important. Device manufacturers that promise to secure these home networks,...more
Sectoral regulation of privacy and information security in the United States has created a complex system for tech innovation, because new products and services transcend the traditional sectoral boundaries and because...more
The IoT era is here. With expectations of tens of billions of IoT devices coming online in the next few years, the data privacy and security concerns are growing almost as quickly. IoT devices are expected to be involved in...more
In a surprising development, Wyndham Worldwide Corporation settled a long running dispute last week with the Federal Trade Commission that arose from three data breaches Wyndham suffered between 2008-2010. After an...more
A recent blog posting by the Federal Trade Commission (FTC) on data retention and disposal practices is the genesis of this blog. The posting talks about the importance of having a plan in place due to the potential that a...more