Wednesday, December 1, 2021

Subscribers Only

Free

Consumers’ Negligence Claims Survive in Data Breach Class Action Against Cloud Provider

Recently, negligence claims in a putative class action brought against a cloud software provider survived a motion to dismiss in the U.S. District Court for the District of South Carolina because the judge held that the consumers pled they were owed a duty of protection. The Plaintiffs asserted claims for a putative class of third […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

A Mere Two Years After Adding Huawei to Entity List, BIS Announces First Enforcement...

On Monday, November 8, 2021, the Bureau of Industry and Security (BIS) of the US Department of Commerce announced its first enforcement case against a company,...

Cyber Risk Insurance in the Wake of the Colonial Pipeline Cyberattack

In the wake of the Colonial Pipeline attack, developers of energy projects which rely on pipelines to deliver products (from traditional oil to renewable natural gas) find themselves exposed to the new risk of ransomware attacks – a risk which security technology is still struggling to address. In the meantime, energy project stakeholders (from financing […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

DoD Revamps Contractor Cybersecurity Requirements With CMMC 2.0

CMMC 2.0 follows an interim Defense Federal Acquisition Regulation Supplement (DFARS) rule released on 29 September 2020, which planned for all defense contracts to incorporate the robust requirements of CMMC 1.0 by FY 2026 (see our summary of the previous CMMC 1.0 framework here). After reviewing comments on the interim rule from industry and other stakeholders, […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CMMC 2.0 – What Changed & What Should Government Contractors Do Next?

CMMC 2.0 significantly reduces assessment costs for all companies at Level 1 and a subset of companies at Level 2. While costs have reduced, the risk of noncompliance is still the same – loss of government contracts or worse, a False Claims Act penalty. The updated framework also allows companies to receive contract awards with […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Updates Announced to Department of Defense Cybersecurity Certification Program

The Department of Defense recently announced several changes to its Cybersecurity Maturity Model Certification program. The program applies to those who serve as contractors and suppliers to the DOD. As described in our sister blog, the new version of the program – “CMMC 2.0” – has several important differences from the original program. CMMC 2.0 is anticipated to […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

UK Supreme Court Rules in Google’s Favor in Data Privacy Group Litigation with Major...

In a recent article, Faegre Drinker summarizes the judgment handed down in Lloyd v Google LLC [2021] UKSC 50 by the Supreme Court on November 10, 2021. This case is  potentially one of the most significant and anticipated data privacy judgments to date. Key Takeaways A representative action may be brought for claims of breach […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

U.S. Department of the Treasury Announces Partnership with Israel to Combat Ransomware

On November 14, 2021, the U.S. Department of the Treasury announced a bilateral cybersecurity partnership with the Israeli Ministry of Finance “to protect critical financial infrastructure and emerging technologies” and combat the use of ransomware. The initiative includes the launch of a U.S.-Israeli Task Force on Fintech Innovation and Cybersecurity (the “Task Force”), which seeks to advance […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Council Agrees Draft Digital Services Act and Digital Markets Act

On November 25, 2021, the Council of the European Union reached an agreement on the draft Digital Services Act (“DSA”) (see here and here) and the Digital Markets Act (“DMA”) (see here) bringing them one step closer to adoption.  The European Parliament will discuss the drafts on December 9 and plans to announce its first […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

US Banking Regulators Promulgate a Final Rule for 36-Hour Notice of Breach

On November 18, 2021, the US federal banking regulators Office of the Comptroller of the Currency, Federal Reserve Board, and Federal Deposit Insurance Corporation...