If you’ve been following the headlines, you know that a day doesn’t pass without a reference to the “GDPR”. On May 25, 2018, the European Union (EU) General Data Protection Regulation (GDPR) will take effect, marking the most...more
Last February, the IRS issued a warning to all employers regarding the resurgence of a W-2 based cyber scam. The scam, which targets businesses during tax season, was also “spreading to other sectors, including school...more
Automobile dealerships’ cybersecurity vulnerabilities can drive away customers, according to a survey by auditing firm Total Dealer Compliance.
Automotive News said the survey of 200 dealerships in five states found...more
On November 2nd, New York Attorney General Eric T. Schneiderman announced his proposal of the SHIELD Act – Stop Hacks and Improve Electronic Data Security Act – a bill that would heighten data security requirements for...more
The European Commission recently issued an overall positive review in its first annual report on the E.U. – U.S. Privacy Shield (“Privacy Shield”), after evaluating the Privacy Shield in its joint review with the US last...more
After hearing a lot lately about big companies suffering data breaches, it is important to remember that, according to inc.com, half of all cyberattacks target small to mid-sized businesses (SMBs). Based on a 2016 State of...more
The New York State Department of Financial Services (DFS) has set cybersecurity regulations that require minimum standards for protecting the customer information and information systems of the financial services industry....more
The deadline to comply with the first set of requirements under the new DFS Cybersecurity Regulations (“the Regulations”) is here! By today, August 28, 2017, businesses subject to the Regulations must ensure that...more
Amendments to Maryland’s Personal Information Protection Act expand the definition of personal information, modify the definition of breach of the security of the system, provide a 45-day timeframe for notification, allow...more
Several years ago, we published a short primer for law firms intending to provide a brief discussion of key cybersecurity issues, including some helpful steps for safeguarding the client personal and confidential information...more
Several years ago, cyber criminals developed a profitable form of malware, now known as ransomware. A “ransomware” attack occurs when a hacker takes control of the victim’s information systems and encrypts its data,...more
The Association of Corporate Counsel (ACC), which represents over 42,000 in-house counsel across 85 countries, recently released its ACC Chief Legal Officers (CLO) 2017 Survey which found that two-thirds of in-house legal...more
On January 13, current FTC chairwoman Edith Ramirez announced that she would resign from her position effective February 10, 2017. Ramirez was instrumental in increasing the FTC’s cybersecurity enforcement authority, going...more
On January 3, 2017, the Obama Administration issued a memorandum to all executive departments and agencies setting for a comprehensive policy for handling breaches of personally identifiable information (the “Memorandum”),...more
The New York State Department of Financial Services (“DFS”) has released a revised version of its proposed cybersecurity regulations, which set regulatory minimum standards for protecting the customer information and...more
As we’ve noted previously, President-elect Trump’s campaign was light on details about his plans to address cybersecurity. However, his announcement yesterday that Thomas P. Bossert will serve as his assistant for homeland...more
Earlier this month, the Federal Trade Commission (FTC) blogged about How to defend against ransomware, and published Ransomware – A Closer Look in the “Tips and Advice” section of its website. This follows warnings from other...more
It has been reported that infamous bank robber, Slick Willie Sutton, once said, “I rob banks because that’s where the money is.” Data thieves, understandably, have a similar strategy – go where the data is. The retail...more
Under this most recent change to California’s breach notification laws (California Civil Code sections 1798.29 and 1798.82), which takes effect January 1, 2017, businesses and agencies subject to the laws can no longer assume...more
The U.S. Department of Homeland Security (DHS) has designed October as National Cyber Security Awareness Month. But as we leave October, remember that data security is an ongoing challenge that requires continued vigilance...more
Fortune.com reported that according to an International Data Corporation (IDC) forecast, by 2020, spending on security-related hardware, software, and services will eclipse $100 billion. However, consulting company NTT Com...more
While data breach incidents affecting the entertainment, retail, healthcare, and financial industries have garnered more attention in past years, the data breach spotlight recently shifted to law firms.
...more