On March 15, 2022, the Strengthening American Cybersecurity Act, which includes the Cyber Incident Reporting for Critical Infrastructure Act of 2022 was signed into law by President Biden, thereby creating new reporting requirements for critical infrastructure entities. Under the Act, entities considered to be critical infrastructure must notify the Cybersecurity and Infrastructure Security Agency within 72 hours of discovering a covered cyber incident and within 24 hours of a ransomware payment.
Read more »Data Privacy & Cybersecurity
March 2022
-
UPDATE: Strengthening American Cybersecurity Act of 2022 Signed Into Law Posted on: March 28, 2022 In: Data Privacy & Cybersecurity
-
Additional Data Protection Authorities Assess Legality Around Using Google Analytics Posted on: March 22, 2022 In: Data Privacy & Cybersecurity
In response to a 2020 European Court of Justice (ECJ) ruling that the EU-US Privacy Shield data transfer mechanism was not consistent with European data protection laws, the EU and U.S. began working to identify a new arrangement for transferring personal data from the EU to the U.S. However, to date, no substitute data transfer mechanism has been identified.
Read more »
-
Standing Up the Strengthening American Cybersecurity Act of 2022 Posted on: March 16, 2022 In: Data Privacy & Cybersecurity
The U.S. Senate unanimously passed the Strengthening American Cybersecurity Act on March 1, 2022. If signed into law, it would create an affirmative obligation for critical infrastructure entities across 16 federally designated critical infrastructure sectors, including energy and financial services, to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency.
Read more »
-
FinCEN Alert: Malware/Ransomware Updates & New Perimeter Device Vulnerability Posted on: March 08, 2022 In: Data Privacy & Cybersecurity
There have recently been a number of developments in cybersecurity due to the Russia/Ukraine conflict. The Financial Crimes Enforcement Network (FinCEN) released an alert on March 7 advising all financial institutions to be vigilant against efforts to evade sanctions imposed in connection with the Russian invasion of Ukraine. The primary focus of the alert appears to be eliciting cooperation of financial institutions in identifying hidden Russian and Belarusian assets.
Read more »
-
QR Codes – Consumer Convenience or Fraudulent Contrivance? Posted on: March 07, 2022 In: Data Privacy & Cybersecurity
During the halftime show of this year’s Super Bowl, a floating QR code took a star turn in a prominently placed advertisement from cryptocurrency exchange platform Coinbase. So many people reportedly followed the link from the QR code that the resulting traffic overwhelmed and crashed the Coinbase website landing page. The convenience of the code clearly worked, but while QR codes may be a welcome convenience, they may also be a potential tool for the commission of fraud.
Read more »
Blog Search
Featured Posts
- December 06, 2022 Just In Time: Last Minute Compliance Tips for the CPRA and VCDPA