Category

Information Security

20 September 2022

FTC Defends Expansive Privacy and Data Security ANPR at Public Forum

The FTC continues its defense of the wide-reaching Advance Notice of Proposed Rulemaking (ANPR) on “Commercial Surveillance and Data Security” that the Commission, by a 3-2 vote, issued in August. (See the supporting statements of Chair Lina Khan and Commissioners Rebecca Slaughter, and Alvaro Bedoya, and … Read More

EmailShare
25 August 2022

FTC ANPR Explores Wide Ranging Topics for Privacy and Cybersecurity Rulemaking

On Thursday, August 11, the Federal Trade Commission (“FTC”) announced that it is exploring rules to crack down on harmful commercial surveillance and lax data security practices.  The FTC’s Advance Notice of Proposed Rulemaking (“ANPR”) solicits public comment on whether it should put into effect new rules and restrictions concerning … Read More

EmailShare
17 May 2022

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

*Reprinted with permission from the May 6, 2022 edition of the New York Law Journal © 2022 ALM Global Properties, LLC. All rights reserved. Further duplication without permission is prohibited, contact 877-256-2472 or reprints@alm.com.

It used to be that data breaches were all about cyber-crooks hacking computer systems to … Read More

EmailShare
03 March 2022

U.S. Government Issues Warning of Threat Against U.S. Critical Infrastructure

On February 25, 2022, in light of Russia’s attack on Ukraine, and months of continuing Russian state-sponsored cyberattacks on Ukrainian government and critical infrastructure organizations, the Cybersecurity and Infrastructure Security Agency (CISA) issued a “Shields Up” warning to American critical infrastructure organizations and businesses, stating that “[e]very organization—large and small—must … Read More

EmailShare
28 January 2022

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

On January 11, 2022, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) recently released a joint Cybersecurity Advisory warning critical infrastructure operators about the threat of Russian state-sponsored cyberattacks and recommended best practices to minimize disruption from such an … Read More

EmailShare
26 January 2022

Caremark’s Comeback Includes Potential Director Liability in Connection With Data Breaches

Caremark­-based claim against a board of directors alleging a failure to monitor corporate operations has been said to be “the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment,” or at least to withstand a motion to dismiss.  Yet, Caremark has … Read More

EmailShare
09 December 2021

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

On November 26, 2021, the U.S. Department of Commerce (Commerce) issued a notice of proposed rulemaking (Proposed Rule) implementing Executive Order 14034 on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034). The Proposed Rule would bring “connected software applications” into the scope of Commerce’s authority to review certain transactions … Read More

EmailShare
17 August 2021

FFIEC Guidance on Authentication and Access to Financial Institution Services and Systems

On August 11, 2021, the Federal Financial Institutions Examination Council (FFIEC)1 issued guidance establishing risk management principles and practices to support the authentication of users accessing a financial institution’s information systems and customers accessing a financial institution’s digital banking services (the Guidance). The Guidance is not intended to serve … Read More

EmailShare
04 June 2021

TSA Issues Directive to Enhance Pipeline Cybersecurity

The U.S. Department of Homeland Security’s Transportation Security Administration (“TSA”) issued a Security Directive, “Enhancing Pipeline Cybersecurity” on May 28, laying out new cybersecurity requirements for operators of liquids and natural gas pipelines and LNG facilities designated as critical infrastructure.

EmailShare
Read More
EmailShare
25 February 2021

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

On January 28, 2021, the UK Financial Conduct Authority (FCA) published Consultation Paper CP21/3, “Changes to the SCA-RTS and to the guidance in ‘Payment Services and Electronic Money – Our Approach’ and the Perimeter Guidance Manual” (Consultation Paper). This follows the FCA’s announcement in its 2020-21 business plan that … Read More

EmailShare
1 2 3 15
XSLT Plugin by BMI Calculator