Data Privacy & Cybersecurity PracticeOn March 15, 2022, the Strengthening American Cybersecurity Act, which includes the Cyber Incident Reporting for Critical Infrastructure Act of 2022 was signed into law by President Biden, thereby creating new reporting requirements for critical infrastructure entities. Under the Act, entities considered to be critical infrastructure must notify the Cybersecurity and Infrastructure Security Agency within 72 hours of discovering a covered cyber incident and within 24 hours of a ransomware payment.
Read more »Data Privacy & Cybersecurity
March 2022
-
UPDATE: Strengthening American Cybersecurity Act of 2022 Signed Into Law Posted on: March 28, 2022 In: Data Privacy & Cybersecurity
-
Additional Data Protection Authorities Assess Legality Around Using Google Analytics Posted on: March 22, 2022 In: Data Privacy & CybersecurityIn response to a 2020 European Court of Justice (ECJ) ruling that the EU-US Privacy Shield data transfer mechanism was not consistent with European data protection laws, the EU and U.S. began working to identify a new arrangement for transferring personal data from the EU to the U.S. However, to date, no substitute data transfer mechanism has been identified.
Read more »
-
Standing Up the Strengthening American Cybersecurity Act of 2022 Posted on: March 16, 2022 In: Data Privacy & CybersecurityThe U.S. Senate unanimously passed the Strengthening American Cybersecurity Act on March 1, 2022. If signed into law, it would create an affirmative obligation for critical infrastructure entities across 16 federally designated critical infrastructure sectors, including energy and financial services, to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency.
Read more »
-
FinCEN Alert: Malware/Ransomware Updates & New Perimeter Device Vulnerability Posted on: March 08, 2022 In: Data Privacy & CybersecurityThere have recently been a number of developments in cybersecurity due to the Russia/Ukraine conflict. The Financial Crimes Enforcement Network (FinCEN) released an alert on March 7 advising all financial institutions to be vigilant against efforts to evade sanctions imposed in connection with the Russian invasion of Ukraine. The primary focus of the alert appears to be eliciting cooperation of financial institutions in identifying hidden Russian and Belarusian assets.
Read more »
-
QR Codes – Consumer Convenience or Fraudulent Contrivance? Posted on: March 07, 2022 In: Data Privacy & CybersecurityDuring the halftime show of this year’s Super Bowl, a floating QR code took a star turn in a prominently placed advertisement from cryptocurrency exchange platform Coinbase. So many people reportedly followed the link from the QR code that the resulting traffic overwhelmed and crashed the Coinbase website landing page. The convenience of the code clearly worked, but while QR codes may be a welcome convenience, they may also be a potential tool for the commission of fraud.
Read more »
Blog Search
Featured Posts
- December 06, 2022 Just In Time: Last Minute Compliance Tips for the CPRA and VCDPA
Blog Tags
alabama
arkansas
audit
bank secrecy act
biometric data
blockchain
breach notification
california
canada
ccpa
cisa
client notification
colorado
congress
connecticut
consumer data
consumer notification
consumer rights
coronavirus
covid-19
cppa
cpra
cryptocurrency
cyberattack
cyber insurance
cybersecurity
cyber threat
cyberwarfare
data breach
data privacy
data protection
data security
delaware
email
employment
equifax
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcra
federal trade commission
financial fraud kill chain
fincen
fraud
ftc
gdpr
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity theft
illinois
incident response
information security
irs
legislation
legislative alert
malware
maryland
massachusetts
microsoft
microsoft exchange servers
multi-factor authentication
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist
nist security controls
ofac
office for civil rights
opt out
personal data
personal information
phishing
privacy law
privacy protection patchwork
protected health information
ransomware
regulations
reporting requirements
sec
social engineering
social media
statute
supreme court
tax returns
treasury department
utah
vcdpa
virginia
w2
washington
wire transfers
workplace policy