Data Privacy & Cybersecurity PracticeOn November, 18, 2021, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency issued a joint final rule to establish computer-security incident notification requirements for banking organizations and their bank service providers. The final rule's new definition narrows the focus to those incidents most likely to materially and adversely affect BOs, while still retaining general consistency with the NIST definition.
Read more »Tag: nist
-
Banking Organizations & Bank Service Providers Subject to New Computer-Security Incident Notification Rule Posted on: November 24, 2021 In: Data Privacy & Cybersecurity
-
Fraud Liability for Government Contractors with Lax Cybersecurity Posted on: October 22, 2021 In: Data Privacy & CybersecurityThe Department of Justice announced on October 6, 2021 the creation of a new Civil Cyber-Fraud Initiative to pursue penalties against government contractors who do not properly comply with the cybersecurity standards required by their contracts. This new risk, under the False Claims Act, means that CISOs should consult with their lawyers before starting cybersecurity compliance audits.
Read more »
Blog Search
Featured Posts
- June 11, 2021 Using Artificial Intelligence to Track Growing Remote Workforce and Related Litigation Implications
- June 07, 2021 Backup, Separate, & Secure: White House Cyber Recommendations Reach the Private Sector
- June 02, 2021 How to Protect Your Investment in Employees in a Tight Labor Market
- March 29, 2021 Complaint Itself Cannot Meet Knowledge Requirement For Indirect & Willfulness Claims, Says Delaware District Court
Blog Tags
alabama
arkansas
audit
bank secrecy act
biometric data
breach notification
business-to-business
california
canada
ccpa
cisa
client notification
colorado
congress
connecticut
consumer notification
consumer rights
coronavirus
covid-19
cpra
cryptocurrency
cyber insurance
cybersecurity
cyber threat
data breach
data privacy
data security
delaware
department of commerce
email
employment
equifax
ethereum
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcra
federal communication
federal trade commission
financial fraud kill chain
fincen
fma
fraud
ftc
gdpr
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity theft
illinois
incident response
information security
insider attacks
irs
legislation
legislative alert
malware
managed service providers
maryland
massachusetts
microsoft exchange servers
microsoft office 365
multi-factor authentication
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist
nist security controls
ofac
opt out
patching
personal data
personal information
phishing
protected health information
ransomware
regulations
school
security posture assessment
social engineering
social media
statute
supreme court
tax returns
third party
utah
video-teleconferencing
virginia
w2
washington
websites
workplace policy
zoom