Privacy Law Blog

Category Archives: Cybersecurity

Subscribe to Cybersecurity RSS Feed

New York Department of Financial Services Proposes Cybersecurity Regulation

On September 13, 2016, New York Governor Andrew Cuomo announced that the New York Department of Financial Services (the “DFS”) proposed a regulation that would require banks, insurance companies, and other financial services institutions regulated by the DFS to establish and maintain a cybersecurity program (the “Proposal”). If the Proposal is adopted, New York would … Continue Reading

Tales from the (Quantum) Crypt

The dream of hack-proof communication just got a little closer to reality. On August 16, 2016, China launched the world’s first “quantum satellite,” a project the Chinese government hopes will enable it to build a communication system incapable of being hacked. Such a system, if perfected, would allow for encrypted communications between any two devices … Continue Reading

Regulators Offer Guidance on Privacy and Security for Health App Developers

This month, the Federal Trade Commission (FTC) issued guidance on privacy and security best practices for health-related mobile apps, such as fitness apps connected with wearables, diet and weight loss apps, and health insurance portals.  At the same time, the FTC unveiled an interactive tool designed to direct health app developers to federal laws and … Continue Reading

SEC Cybersecurity Update

Results from the SEC’s First Round of Cybersecurity Examinations. On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and broker-dealers. The examinations were conducted as part of the OCIE’s cybersecurity examination initiative, announced in April 2014, to assess cybersecurity preparedness in the … Continue Reading

SEC Announces Cybersecurity Enforcement Action

On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation S-P (Safeguards Rule). The SEC Order charged the Adviser with violating the Safeguards Rule by failing to adopt written cybersecurity policies and procedures reasonably designed to … Continue Reading

Cybersecurity Guidance for Registered Investment Advisers

This client alert was prepared by my colleagues Robert Leonard, Michael Mavrides and Christopher Wells. On April 28, the Securities and Exchange Commission (SEC) released a Guidance Update addressing the importance of cybersecurity and the steps registered investment advisers (and registered investment companies) may wish to consider in light of growing cybersecurity risks. This Guidance Update … Continue Reading

SEC Releases Results of Cybersecurity Examination Sweep

By Rochelle Emert and Phillip Caraballo-Garrison On February 3, 2015, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert that summarized its findings about cybersecurity preparedness in the securities industry. As part of its Cybersecurity Examination Initiative, the OCIE collected and analyzed information about cybersecurity practices and trends from over 100 … Continue Reading

Courts Address the Level of Security Banks Must Provide to Business Accounts

Big or small, all bank accounts are susceptible to hijacking and fraudulent wire transfers. Banks ordinarily bear the risk of loss for unauthorized wire transfers. Two independent frameworks exist to govern these transfers: the Electronic Fund Transfer Act (“EFTA”) for consumer accounts, and Article 4A of the Uniform Commercial Code (“UCC”) for business accounts. While … Continue Reading

FCC: The New Data Security Sheriff In Town

Data security seems to make headlines nearly every week, but last Friday, a new player entered the ring.  The Federal Communications Commission (“FCC”) took its first foray into the regulation of data security, an area that has been dominated by the Federal Trade Commission.  In its 3-2 vote, the FCC did not tread lightly – … Continue Reading

SEC Commissioner Highlights Need for Cyber-Risk Management in Speech at New York Stock Exchange

As we’ve previously reported, cyber risks are an increasingly common risk facing businesses of all kinds.  In a recent speech given at the New York Stock Exchange, SEC Commissioner Luis A. Aguilar emphasized that cybersecurity has grown to be a “top concern” of businesses and regulators alike and admonished companies, and more specifically their directors, to … Continue Reading
LexBlog

This website uses third party cookies, over which we have no control. To deactivate the use of third party advertising cookies, you should alter the settings in your browser.

OK