No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
Cybersecurity is now a core element of legal, regulatory, and business risk management. In Latin America and the Caribbean, organizations face mounting pressure to demonstrate proactive compliance with evolving data...more
In response to “multiple” cyber threat vectors, the Biden administration has asked governors of all 50 states to generate cybersecurity plans within 90 days (approximately July 1, 2024) to protect local water and wastewater...more
On November 1, 2023, the New York Department of Financial Services (NYDFS) announced the adoption of amendments to its Cybersecurity Regulation 23 NYCRR Part 500 (“Amended Cybersecurity Rules” or “Amended Rules”). NYDFS...more
A major amendment to the New York State Department of Financial Services' cybersecurity regulations establishes affirmative cybersecurity oversight duties and requires companies to report extortion payments to the agency....more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This marks the first significant...more
If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...more
The National Institute for Standards and Technology (NIST) recently unveiled the first version of its Artificial Intelligence Risk Management Framework (AI RMF 1.0, or “Framework”). This highly anticipated and detailed...more
GREAT SCOTT! Did you know publication of the NIST Cybersecurity Framework (CSF) 2.0 is around the corner? Last updated in 2018, NIST is making substantial changes to the CSF due to evolving threats. What are these changes?...more
The New York Department of Financial Services (NYDFS) published its proposed amendment to its 23 NYCRR Part 500 (Cybersecurity Rules) on November 9, 2022, following the release of the draft version on July 29, 2022....more
The National Institute of Standards and Technology (NIST) is leading the federal government’s charge on a framework for assessing and managing risks in artificial intelligence (AI), with a critical workshop this week to...more
The National Institutes of Science and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President...more
On March 29-31, 2022, the National Institute for Science and Technology (NIST) held its second broad stakeholder workshop on its draft Artificial Intelligence Risk Management Framework, titled Building the NIST AI Risk...more
On Friday, March 25, President Biden and European Commission President Ursula von der Leyen announced a new agreement in principle for trans-Atlantic data flows. Although details about the new Trans-Atlantic Data Privacy...more
The National Institute of Standards and Technology (NIST) is seeking comments to improve its Cybersecurity Framework, “Framework for Improving Critical Infrastructure Cybersecurity” (Request for Information available here)....more
Ransomware incidents continue to be on the rise, wreaking havoc for organizations globally. Ransomware attacks target an organization’s data or infrastructure, and, in exchange for releasing the captured data or...more
In July, Connecticut passed a largely unnoticed new law that followed in the footsteps of Ohio and Utah in limiting damages or creating affirmative defenses for business that experience a data breach after implementing a...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - President Biden Issues Cybersecurity Executive Order - On May 12, 2021, President Biden issued an executive order that placed new standards on the...more
Cyberattacks on organizations with large consumer databases have been on the rise recently. This is certainly true for the insurance industry, which also has been migrating more business to online platforms in an effort to...more
Nearly 700 years ago, England captured King John II of France and held him for ransom for four million écus. But France could not afford to pay, and King John II ultimately traded his two sons as substitute hostages to try...more
On March 1, 2017, the New York State Department of Financial Services (“NYDFS”) Cybersecurity Requirements for Financial Services Companies (the “Cybersecurity Regulation”) became effective. Fast forward four years, where...more
The recent SolarWinds attack alerted the world to the risk of a cyber supply chain attack—an attack through or on your company’s vendors or suppliers. It is increasingly clear that even if you take all the right steps to...more
On February 4, the New York Department of Financial Services (NYDFS) released Insurance Circular Letter No. 2 (2021), a Cyber Insurance Risk Framework (Framework) for insurers that write cyber insurance....more
The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial services sector doing business in New York, recently provided guidance to its regulated...more
United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more