Thursday, October 22, 2020

Subscribers Only

Free

NY State’s New Cyber Rules for Banks

Critics of New York’s proposed new cybersecurity regulations for the financial and insurance sectors say the new rules will merely add more paperwork for big firms, who already have to comply with federal regulations and industry standards. More at CNBC
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

If the GDPR Were in Effect, Yahoo Would Have to Write a Large Check

Under the EU’s new General Data Protection Regulation, Yahoo could have been fined up to 2 percent of its global revenue—or about $90 million—for failing to timely notify users of the breach of its systems. The GDPR has not yet gone into effect, but other oversight entities—including the UK’s Information Commissioner’s Office, Ireland’s Data Protection […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Warner Asks SEC to Prove Yahoo Breach

Senator Mark Warner (D-VA) has asked the Securities and Exchange Commission to investigate whether Yahoo timely disclosed the breach of its systems to the public and investors. Warner notes that as recently as September 9, Yahoo stated that it had not experienced any breaches. More at ComputerWorld
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Users File Lawsuit Against Yahoo Over Data Breach

The massive data breach that potentially exposed the personal information of 500 million Yahoo users has triggered several class action lawsuits against the firm, with plaintiffs arguing Yahoo did not do enough to protect their data, and misrepresented the security of its systems. More at Security Week
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Department of Transportation Releases Policy Guidance on Autonomous Vehicle Technology

The Department of Transportation has issued new policy guidance for manufacturers of autonomous vehicles and states considering how to regulate these technologies. Among covered areas, the guidance addresses data recording and sharing, consumer privacy, and vehicle cybersecurity. More at National Law Review
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Health IT Playbook Released

The Department of Health and Human Services Office of the National Coordinator for Health Information Technology has issued a new Health IT Playbook with tools and resources providing practical, technical, and workflow assistance for healthcare providers. The playbook includes advice on electronic health record acquisitions, HIPAA compliance guidance, and an interactive map of federal support […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Committee Releases Updated Encryption Report

House Homeland Security Committee chairman Michael McCaul (R-TX) released an update to Going Dark, Going Forward: A Primer on the Encryption Debate, the committee’s report on encryption and its impact on law enforcement and counterterrorism efforts. The committee updated the report to reflect recent developments on the topic of encryption, in light of terror attacks […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

House Passes Cyber Preparedness Act

On Tuesday, the House of Representatives passed six bills to strengthen various Department of Homeland Security programs, including H.R. 5459, the Cyber Preparedness Act of 2016. The act would enhance DHS’s ability to prepare and respond to cyber attacks and support the dissemination of homeland security information related to cyber threats. More at House Homeland […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

FAA Advisory Body Recommends Cybersecurity Measures

The Federal Aviation Administration’s Radio Technical Commission for Aeronautics—a public-private partnership that serves as an FAA advisory panel—recently adopted language recommending that cybersecurity protections be built into all future industrywide standards. Unlike FAA-created committees, the panel is unable to mandate specific requirements or safeguards, but elevating the priority of cybersecurity in its recommendations will influence […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

NIS Directive Published: EU Member States Have Just Under Two Years to Implement

EU member states have until May 9, 2018, to implement the Directive on Security of Network and Information Services, a program intended to heighten and standardize the level of security of network and information systems across the EU. Questions remain about how the directive will be implemented and which authorities will be designated accountable. Because […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.