Data Privacy & Cybersecurity PracticeConnecticut is part of the steady stream of states enacting more complicated and demanding data privacy and cybersecurity laws in 2021. The state joins Colorado and California in adding both a new privacy law and a new cybersecurity law. In this post, we review the key elements of Connecticut's Act Concerning Data Privacy Breaches and its Act Incentivizing the Adoption of Cybersecurity Standards for Businesses.
Read more »Data Privacy & Cybersecurity
-
Legislative Alert: Enhanced Privacy Protections Signed Into Law in Connecticut Posted on: July 21, 2021 In: Data Privacy & Cybersecurity
-
Legislative Alert: Colorado Privacy Act Passes State Senate, Signed Into Law By Governor Posted on: June 10, 2021 In: Data Privacy & CybersecurityOn June 8, 2021, the Colorado Senate passed the Colorado Privacy Act (CPA). It was then signed into law by Colorado Governor Jared Polis on July 7, 2021, and will go into effect on July 1, 2023. The CPA follows in the tradition of the California Consumer Privacy Act (CCPA) and Virginia’s Consumer Data Protection Act (CDPA) by creating consumer rights and imposing requirements on businesses to guarantee greater protections over consumers’ personal data.
Read more »
-
Backup, Separate, & Secure: White House Cyber Recommendations Reach the Private Sector Posted on: June 07, 2021 In: Data Privacy & CybersecurityOn Wednesday, June 2, Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger released an open letter encouraging businesses within the private sector to adopt immediate protections against ransomware and other cybersecurity threats. The recommendations in the letter are helpful and highlight high-level lessons learned from the increasing frequency and severity of ransomware attacks.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part VII: Penalties and Enforcement Mechanisms Posted on: June 02, 2021 In: Data Privacy & CybersecurityAs discussed throughout this series, the passage of the California Privacy Rights Act (CPRA) will change the privacy landscape in California and impact the compliance efforts of businesses serving California consumers. In addition to expansion of the rights promised to consumers under the California Consumer Privacy Act (CCPA), this seventh installment in our series discusses the new penalties and enforcement mechanisms for subject businesses created by passage of the CPRA on November 3, 2020.
Read more »
-
What’s in President Biden’s Executive Order on Improving the Nation’s Cybersecurity? Posted on: May 27, 2021 In: Data Privacy & CybersecurityOn May 12, 2021, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity, emphasizing the current cyberattack landscape targeting the public and private sectors and the need to heighten efforts and increase resources to defend against this threat environment. The Order comes following recent high-profile cyber incidents, and echoes the NIST's Framework’s Five Functions. Parts of the Order will also directly affect federal contracts and its supply chain.
Read more »
-
Legal Notification – One Size Does Not Fit All Posted on: May 21, 2021 In: Data Privacy & CybersecurityMedium, large and supersize...even fast food meals come in different sizes. After all, we want to be able to choose what is right for us and what meets our specific needs. Legal representation for cybersecurity incidents is no different. It should be customized to fit each client’s particular situation, addressing the nuances of the event and ensuring that the response is proportionate. There is no one size fits all approach to legal notification, especially where consumers or clients need to be informed.
Read more »
-
Top Tips to Prevent or Reduce the Impact of Cyber Incidents in Mergers & Acquisitions Posted on: May 13, 2021 In: Data Privacy & CybersecuritySelling and purchasing a business presents many challenges for both the seller and the buyer, but it’s important that data privacy and cybersecurity concerns aren’t lost in the due diligence process. In an increasingly digitized world, all businesses, big or small, face data privacy challenges that further complicate the process. Here are our top tips for smaller businesses to reduce the chances of data privacy issues arising during the sale or purchase of a business.
Read more »
-
Expect the Best, but Prepare for the Worst: 5 Practical Steps to Take Before a Ransomware Attack Posted on: April 22, 2021 In: Data Privacy & CybersecurityLast month, we wrote about steps to take after experiencing a ransomware event. This month, as ransomware events continue to grow in number and severity, we now share the following five practical tips to implement before a ransomware event. These tips should help you bolster your defenses and reduce the havoc a ransomware attack can have on your business.
Read more »
-
FinCEN Proposes New Regulations on Convertible Virtual Currencies and Digital Asset Transactions Posted on: April 09, 2021 In: Data Privacy & CybersecurityThe Financial Crimes Enforcement Network (FinCEN), a bureau within the U.S. Treasury Department, has proposed a new rule to bring convertible virtual currencies (CVC) and legal tender digital asset transactions within the existing anti-money laundering and “know your customer” regulatory framework under the Bank Secrecy Act. The timing of FinCEN’s proposed rule is no accident. It comes at an explosive time for ransomware attacks and increased public awareness of and acceptance of CVCs, such as Bitcoin.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part VI: CPRA’s Impact On Service Providers, Contractors, and Third Parties Posted on: April 05, 2021 In: Data Privacy & CybersecurityAs detailed in our ongoing series, the passage of the California Privacy Rights Act (CPRA) promises to drastically change the privacy landscape in the Golden State, and affect the privacy compliance efforts of many businesses that service customers in California.
Read more »
-
ALERT: Microsoft Exchange Vulnerabilities Used to Deploy Ransomware Posted on: March 15, 2021 In: Data Privacy & CybersecurityOn March 11, 2021, Microsoft acknowledged that the recently disclosed Microsoft Exchange vulnerabilities were being used to facilitate ransomware attacks. The four vulnerabilities – known as vulnerabilities CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065 – have been exploited by attackers to compromise systems beyond the Exchange server.
Read more »
-
You’ve Experienced a Ransomware Attack - Now What? 5 Practical Steps to Take In Response to a Ransomware Attack Posted on: March 11, 2021 In: Data Privacy & CybersecurityBy now, most of you know that due to the COVID-19 pandemic and the shift to remote work, data security incidents increased both in number and severity in 2020 and show no signs of slowing down in 2021. What you may not know, however, is what to do when your business experiences a ransomware attack. This post details five steps your organization should take immediately to reduce the impact of the attack.
Read more »
Blog Search
Featured Posts
Blog Tags
accounting firms
alabama
anti-money laundering
arkansas
audit
bank secrecy act
biometric data
blockchain
breach notification
california
canada
ccpa
client notification
colorado
congress
connecticut
consumer notification
consumer rights
coronavirus
covid-19
cpra
cryptocurrency
cyber insurance
cybersecurity
cyber threat
data breach
dataprivacy
data privacy
data security
delaware
department of health and human services
department of transportation
department of treasury
email
employment
equifax
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcc
fcra
federal trade commission
fincen
fraud
gdpr
genetic information privacy act
hacking
healthcare
hhsocr
hipaa
holiday season
homeland security
human resources
identity fraud
identity theft
illinois
incident response
information security
irs
legislation
legislative alert
malware
managed service providers
maryland
massachusetts
microsoft exchange servers
microsoft office 365
multi-factor authentication
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist security controls
opt out
personal data
personal information
phishing
pre-breach services
privacy notification
protected health information
ransomware
regulations
scareware
social engineering
social media
statute
supreme court
tax returns
utah
video-teleconferencing
virginia
w2
washington
websites
wisp
workplace policy
zoom