Saturday, October 16, 2021

Subscribers Only

Free

“Safe Harbor” Ports in a Cybersecurity Litigation Storm

Legislatures across the country have enacted a variety of laws to respond to the growing threat from cyberattacks. For example, over a number of years, all states have adopted notification laws that require companies to notify individuals of certain data breaches. Other legislatures have enacted regulations that require companies to meet certain cybersecurity standards. Notably, […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Democratic Lawmakers Press Federal Agencies to Act on Ransomware

A group of Democratic lawmakers has written to the heads of four federal agencies, expressing an urgent need for the Biden administration to continue combating ransomware, pushing for “stronger coordination” between their departments to address the role of cryptocurrency in facilitating the attacks. Senators Ed Markey (D-MA) and Sheldon Whitehouse (D-RI), and Representatives Jim Langevin […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Iran Linked to Office 365 Attacks on Defense/Maritime Industries

Microsoft reports that hackers – likely acting on behalf of the government of Iran – attempted to access the Office 365 accounts of more than 250 employees of U.S. and Israeli defense technology and global maritime companies. During the attack, which began in July, hackers used high-speed “password spraying” to look for effective passwords. They […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

FDA Publishes Advice for Telling Patients about Cyber Flaws in Medical Devices

The Food and Drug Administration has issued Best Practices for Communicating Cybersecurity Vulnerabilities to Patients as a guide for healthcare industry stakeholders such as manufacturers and federal agencies. Its goal is to design a “communication approach” for informing patients and caregivers about security holes, in devices ranging from mobile apps to pacemakers. The guidance recommends […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Senators Urge FTC to Craft Data Privacy and Security Rules

On September 20, nine Democratic senators wrote a letter to the Federal Trade Commission, requesting that it create new rules to protect consumers’ personal data and privacy. The senators played on FTC Chair Lina Khan’s aversion to Big Tech and aggressive antitrust agenda by stating that “Big Tech companies have used their unchecked access to […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

White House to Introduce ‘Zero Trust’ Cybersecurity Policy to Federal Agencies

Last month, the Office of Management and Budget and the Cyber and Infrastructure Security Agency released draft guidance to implement a Zero Trust cybersecurity policy government-wide. OMB and CISA are seeking public comment on the strategical and technical guidance published in direct support of President Biden’s Executive Order on Improving the Nation’s Cybersecurity. The OMB’s […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Better Cyber Defenses May Lead to More Insider/Social Attacks

Bob Rohrer, director of the National Insider Threat Task Force, warns that improvements in cybersecurity defenses such as zero-trust architectures are likely to push adversaries to focus more on targeting privileged insiders. “I think it’s just as important to keep the insider threat discussion as robust as the cyber threat discussion, because they go hand […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

To Avoid Punitive Damages for a Data Breach in Connecticut, You Need to Try

In Connecticut, if you adopt and maintain and comply with written cybersecurity program that contains administrative, technical and physical safeguards for the protection of personal or restricted information and that conforms to an industry recognized cybersecurity framework then you will not be subject to punitive damages in court against any cause of action founded in […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Saudi Arabia’s New Data Protection Law – What You Need to Know

The Middle East’s data protection regulatory landscape is complex, and continues to develop with the Kingdom of Saudi Arabia’s (KSA) newly published Personal Data Protection Law. While the PDPL contains the main features of a modern data protection law, it cannot be considered a direct analogue of the GDPR. For example, an unlawful transfer of […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

DHS Issuing New Cybersecurity Requirements to Transportation Sectors

As part of a 60-day "sprint" launched in September, DHS is adding cybersecurity information sharing requirements for the transportation sector. The Coast Guard is...