Data Privacy & Cybersecurity PracticeNew York Governor Andrew Cuomo has signed into law Senate Bill S3582, which further expands obligations owed to consumers when a data security breach affects a credit reporting agency.
Read more »Data Privacy & Cybersecurity
-
Legislative Alert: New York Expands Data Breach Obligations for Credit Reporting Agencies Posted on: August 15, 2019 In: Data Privacy & Cybersecurity
-
Legislative Alert: New York Amends Its Data Breach Notification Law Posted on: August 12, 2019 In: Data Privacy & CybersecurityNew York Governor Andrew Cuomo signed into law the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, Senate Bill 5575B/Assembly Bill 5635B. The SHIELD Act updates the state’s existing data breach notification law, N.Y. Gen. Bus. Law § 899-aa, and creates a new section, § 899-bb, requiring reasonable data security for “private information” and granting enforcement powers to the attorney general against non-compliant entities.
Read more »
-
Shutting Down the Factory: Why the Manufacturing Sector Must Pay More Attention to Cyber Attackers Posted on: July 23, 2019 In: Data Privacy & CybersecurityOn any given day, the manufacturing business is fraught with challenges, from supply chain issues to personnel matters, pricing strategies, competition, and customer acquisition. The last thing a company needs or wants is to be a target in the crosshairs of overseas criminals who treat the company’s operating capital as a piggy bank to be cracked open.
Read more »
-
Ransomware Reminders: Implementing Best Practices & Avoiding the Biggest Mistakes Posted on: June 27, 2019 In: Data Privacy & CybersecurityRansomware continues to ravage systems across the globe in part because, unlike more typical malware, its lifespan on a computer is incredibly short. Recent strains like Ryuk and BitPaymer encrypt files and deliver their ransomware messages within seconds of appearance on a victim’s computer, leaving little time for detection and defense. The FBI recently alerted data security professionals worldwide to be aware of yet another new variant – this one called RobbinHood – that follows similar attack vectors.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 3 of 3: Trends and Planning – What it All Means Posted on: June 07, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Protection Act (CCPA) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. The final installment of this three-part series will cover trends and planning.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 2 of 3: General Observations on Pending Amendments to the CCPA Posted on: June 05, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Protection Act (“CCPA”) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. Part 2 of this three-part series will look at pending amendments to the CCPA.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 1 of 3: Where Does the Law Stand Now? Posted on: June 03, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Protection Act (CCPA) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. Part 1 of this three-part series will examine the current state of the law.
Read more »
-
Legislative Alert: New Jersey Enacts Legislation to Expand Disclosure of Online Data Breaches Posted on: May 31, 2019 In: Data Privacy & CybersecurityOn May 10, 2019, New Jersey enacted Senate Bill 52 (SB 52). This bill, which will take effect on September 1, 2019, will require disclosure of data breaches that impact usernames, email addresses, and/or other account holder identifying information belonging to residents of the Garden State when combined with any password or security questions and answers.
Read more »
-
Legislative Alert: Maryland Amends Data Breach Notification Law to Improve Incident Response Posted on: May 16, 2019 In: Data Privacy & CybersecurityOn April 30, 2019, Maryland enacted an amendment to Maryland’s Personal Information Protection Act (Md. Code Ann. § 14-3504), which becomes effective on October 1, 2019. The amendment was introduced in response to a rise in consumer complaints about identity theft.
Read more »
-
Legislative Alert: Alabama Passes Heightened Cybersecurity Standards for the Insurance Industry Posted on: May 13, 2019 In: Data Privacy & CybersecurityOn May 1, 2019, Governor Kay Ivey signed Alabama S.B. 54 into law, making Alabama the latest state to pass a law mandating heightened standards within the insurance industry for cybersecurity and data privacy. The Insurance Information Security Program Requirement applies specifically to insurers and other entities licensed by the Alabama Department of Insurance.
Read more »
-
Legislative Alert: Updates to Washington Breach Notification Statute Expected Posted on: May 07, 2019 In: Data Privacy & CybersecurityWashington State will soon pass a law that will overhaul its data breach notification requirements, beginning in March 2020. House Bill 1071, which passed both of Washington’s legislative chambers, was presented to Governor Jay Inslee in late April, and the governor is widely expected to sign the bill into law. The bill includes four significant changes to Washington’s existing data breach notification requirements.
Read more »
-
The Threat Sitting Next To You: Defending Cyber Insider Attacks Posted on: May 03, 2019 In: Data Privacy & CybersecurityEach year, companies wisely invest in advanced perimeter security devices and software to secure their electronic data and thwart cyber attacks. Unfortunately, despite that well-reasoned approach, the greatest threat to data security may be someone within the organization’s own walls.
Read more »
Blog Search
Featured Posts
Blog Tags
alabama
anti-money laundering
arkansas
audit
audit logging
bank secrecy act
bitcoin
blockchain
breach notification
california
canada
ccpa
client notification
coast guard
colorado
commission
congress
consumer notification
credit card fraud
cryptocurrency
cybersecurity
cyber threat
data breach
data privacy
data privacy act
data privacy officer
data security
department of commerce
department of health and human services
department of state
department of transportation
ebt
electronic benefit transfer
electronic information
email
employment
equifax
ethereum
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcc
fcra
federal communication
federal trade commission
financial services
gdpr
hacking
hipaa
hippa
homeland security
identity fraud
identity theft
incident response
insurance industry
internet
irs
legislative alert
malware
managed service providers
maritime cybersecurity
maryland
meltdown
microsoft office 365
money service business
multi-factor identification
new jersey
new mexico
new york
nist security controls
office for civil rights
passwords
patching
personal data
personal information
phishing
pre-breach services
privacy notification
protected health information
ransomware
regulations
research
search warrant
security posture assessment
security rule
security vulnerabilities
social engineering
social media
ssn
statute
supreme court
tax returns
third party
utah
virginia
virus
w2
washington