Saturday, October 16, 2021

Subscribers Only

Free

Massachusetts Enhances Its Data Breach Notification Law

Businesses victimized by data breaches must comply with heightened requirements under the newly-amended Massachusetts data breach notification law. It calls for additional disclosures in notifications to regulators and affected residents, and requires businesses to provide a minimum of 18 months of complimentary credit monitoring services to residents whose social security number may have been compromised. […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

House Appropriators Add Support for FedRAMP, 5G, and Chinese Telecom Bans to Spending Bill

The House Appropriations Committee passed its 2021 budget proposal for Financial Services and General Government, which includes funding for the governmentwide Technology Modernization Fund, and some last-minute amendments on 5G, Chinese telecommunications equipment, and FedRAMP. It includes $24.64 billion: $808 million more than fiscal 2020, for the Treasury, OMB, OPM, and GSA. More at NextGov
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Privacy & Cybersecurity Update April 2021

In this month’s edition of our Privacy & Cybersecurity Update, Skadden examines the Second Circuit’s ruling allowing standing for increased risk of identity theft following a data breach, the European Commission’s recently released Draft AI Regulation, the U.S. Department of Labor’s cybersecurity guidelines for retirement plans, and the Indiana Supreme Court’s ruling that a ransomware […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Blistering Report Scolds Navy for Longstanding Cybersecurity Challenges

The Department of the Navy has released a scathing review of the service’s cybersecurity readiness, reporting that hackers have been relatively unimpeded in years of accessing data of the department and its contractors. The report makes a lengthy set of recommendations, including ones focusing on changing the cybersecurity culture at the service so that leaders […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Law Firms’ Data Duty: Protecting Client Information From Cybercriminals

The impact from the recent Petya/NotPetya ransomware attack — or what was reported as a ransomware attack but now appears to be something even more damaging — continues to spread around the globe, with several new companies coming forward as victims, including a prominent law firm. This attack acts as an unfortunate reminder that the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

DoD Releases Version 0.7 of Its Cybersecurity Maturity Model Certification

On December 13, the Department of Defense released the latest version of its Cybersecurity Maturity Model Certification, requiring contractors to certify their ability to handle sensitive military information. This is the third iteration of the draft model that DoD has publicly released since it issued the first draft in October. DoD intends to begin incorporating […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

How the Shutdown Could Make it Harder for the Government to Retain Cybersecurity Talent

Columnist Joseph Marks anticipates the long-term impact of the partial government shutdown on the cybersecurity employment market, talking to current and former government officials for their insights. He reports their warning that the lure of better pay and greater job security in the private sector will attract cyber personnel away from government, and the best […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

NIST Working on IoT Security Guidelines and Vulnerability Disclosure Policies

The Internet of Things Cybersecurity Improvement Act calls on the National Institute of Standards and Technology to develop minimum security guidelines for IoT devices used by the federal government on its networks. The bill also tasks NIST with developing processes that address how the federal government ensures vulnerability disclosures are sent to the correct places […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Pentagon Issues Contract Guidance on China Tech Ban

The Pentagon has released a 15-page memo on implementing the imminent ban on contracting with companies that use telecommunications equipment made by Huawei and certain other China-based companies. Starting August 13, the government won’t be allowed to issue or extend contracts with companies that use video and telesurveillance technologies, services, and equipment made by manufacturers […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

California Legislature Passes CCPA Amendments and Privacy Bills

Last week, after months of negotiation and speculation, the California legislature passed bills amending the California Consumer Privacy Act (“CCPA”).  This marked the last round of CCPA amendments before the legislature adjourned for the year—and before the CCPA takes effect on January 1, 2020.  California Governor Gavin Newsom has until October 13 to sign the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.