Digital Planning Podcast - Interview With Leeza Garber
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Safeguards against Data Security Breaches (Part One)
New York’s Cybersecurity Regulation continues its phased roll-out on November 1, when licensed financial services companies face a host of new requirements aimed at bolstering breach readiness and improving their ability to...more
Businesses increasingly rely on technology containing Artificial Intelligence (AI) to streamline operations, enhance employee experiences and drive strategic decision-making. The integration of AI into work systems, including...more
Hosted by American Conference Institute, the 14th Advanced Forum on Global Encryption, Cloud & Cyber Export Controls returns for another exciting year with curated programming that brings together a global gathering of...more
Cybersecurity is a looming threat for most businesses. The impact of a major cyber event can resonate for weeks, months, and even years after the initial attack. To mitigate the risks to consumers, there have been several...more
The FTC has reached a settlement with Residual Pumpkin Entity, LLC and PlanetArt, LLC—the former and current owners of online merchandise platform CafePress (collectively, “CafePress”)—to resolve allegations that CafePress...more
It may seem that the very term “ransomware” wasted little time going from “newish-sounding threat” to expected, constant presence in the news and IT meetings alike. But, of course, it’s ultimately just a modern word for one...more
What You Should Know •The FTC has amended the Safeguards Rule for non-bank providers of financial products and services by issuing a Final Rule. •The updates are intended to enhance the security of consumer financial...more
On October 27, 2021 the FTC issued a final rule (the “Final Rule”) amending 16 CFR Part 134, Standards for Safeguarding Customer Information (“Safeguards Rule”), after a period of notice and comment. While the existing...more
In our first article to kick off Cybersecurity Awareness Month, we will discuss some steps businesses can take to improve their cyber hygiene. Over the past few years, some of the largest and well-known companies have been...more
The COVID-19 pandemic has caused many employers now operating remotely to conduct meetings via video conference – which has created a whole new set of various privacy and cybersecurity concerns. While these remote work tools...more
Many workers and employers are adjusting to remote working as a result of the COVID-19 pandemic. That shift has created a unique opportunity for cyber-attackers and criminals – the European Union Agency for Cybersecurity has...more
SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more
Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People's Republic of China Encryption Law ended with its promulgation on 26 October 2019. It will take effect on 1 January...more
The University of Rochester Medical Center (URMC) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $3 million no-fault settlement agreement and two year corrective...more
Cybersecurity is only as strong as your weakest link. No matter how well you shore up your firm or corporate legal department, you can still become vulnerable through a vendor. According to a Ponemon Institute study,...more
James Grago has a nice business going. He runs a website called ClixSense.com that permits users to earn money by completing surveys and watching advertisements. Revenues grew from $6.7 million in 2015 to $9.1 million in...more
In late 2018 the U.S. District Court of New Jersey indicted two Iranian men for allegedly running a hacking scheme that hit local and state governments as well as transportation agencies and hospitals across the U.S. The...more
We are living in a rapidly changing world (trite, I know) where companies have to focus on data privacy and security for a variety of reasons. Consumers and constituents are concerned about the safety and privacy of personal...more
Some analysts have predicted that by 2020, there will be 20 billion IoT connected devices worldwide, which could grow to over 80 billion by 2025. Sales of IoT devices were $80 billion in 2017, which is predicted to grow to...more
The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures....more
Encryption refers to the process of converting data into a form that is unreadable unless the recipient has a pre-designated algorithm, a “key,” and a password to convert the information into readable text. Most statutes,...more
In April 2018, Verizon released the 11th edition of its Data Breach Investigations Report. As usual, the Verizon DBIR contained interesting data points culled from more than 53,000 incidents and 2,216 confirmed data breaches....more
Security researchers and cybersecurity experts recently discovered a weakness in Fiserv’s web platform, which may have exposed the personal and financial details of customers across hundreds of internet banking sites. The...more
On September 1, 2018, five new requirements included in the New York State Department of Financial Services’ (DFS) Cybersecurity Regulation go into effect – (1) audit trails, (2) application security, (3) data disposal...more
The Ponemon Institute has released a recent report concluding, among other things, that the cost to a company suffering a data breach in the U.S. has risen eight percent year-on-year from 2017. The total cost of the average...more