Privacy Law Blog

Tag Archives: cybersecurity

Cybersecurity: SEC and Other Regulators

In today’s world, cybersecurity breaches and threats are pervasive concerns for any business entity, without exception. Working from home arrangements due to COVID-19 constraints only magnify the risk and create further vulnerabilities for companies. Companies should be aware of (1) the key cyber threats they face, (2) the consequences of a breach, and (3) the … Continue Reading

Trends in Privacy and Data Security

Privacy and cybersecurity remain top priorities for regulators and companies alike, as the threats posed by large-scale data breaches and other cyber incidents show no signs of waning. Companies and their counsel must monitor privacy and data security-related enforcement trends, new laws and regulations, and key emerging issues to mitigate risks and minimize potential liability. … Continue Reading

FTC Ramps up COVID-19 Activity After Improving its Data Security Enforcement Orders

With the spread of the novel coronavirus (COVID-19), cybersecurity criminals and scammers are ramping up their efforts to target vulnerable employers and workforces. The FTC announced today that since January they have received more than 7,800 fraud complaints from consumers related to the COVID-19 pandemic. But the FTC isn’t slowing down either. Even with the … Continue Reading

A Primer on the SHIELD Act: New York’s Move to Adopt More Stringent Data Security Requirements

In November 2017, New York Attorney General Eric Schneiderman introduced the Stop Hacks and Improve Electronic Data Security (SHIELD) Act (the “Act”) in the state’s Legislature. Companies – big and small – that collect information from New York residents should take note, as the Act could mean increased compliance costs, as well as potential enforcement actions for those that … Continue Reading

SEC Issues Updated Guidance on Public Company Cybersecurity Disclosures

On February 21, 2018, the Securities and Exchange Commission (SEC) issued an interpretive Commission Statement and Guidance on Public Company Cybersecurity Disclosures (the “Guidance”) to assist public companies in meeting their cybersecurity disclosure requirements under the federal securities laws. The Guidance notes that, as reliance on networked systems and the Internet have increased, so too have the risks … Continue Reading

White House Posts Preliminary Cybersecurity Incentives

In February of 2013, President Obama signed an executive order with the purpose of creating a cybersecurity framework (or set of voluntary standards and procedures) to encourage private companies that operate critical infrastructure to take steps to reduce their cyber risk (see our blog here). Critical Infrastructure Systems such as the electric grid, drinking water, … Continue Reading

Who Do You Trust? Proposed Cybersecurity Bill Would Encourage Public-Private Cyber Threat Information Exchange by Providing Legal Immunity

“Who Do You Trust” was a 1950’s game show that required players to decide whether they could rely upon the information provided by their partners to win cash prizes of $25, $50 and $75. In today’s increasingly networked environment, there’s a lot more at risk in trusting another’s information about cybersecurity. Corporations and industries complain … Continue Reading
LexBlog