Defending Against Director & Officer Litigation
Posted on Feb 19, 2015 in Uncategorized | Comments Off on Defending Against Director & Officer Litigation
One form of ancillary litigation that has arisen out of data breaches is shareholder derivative lawsuits against companies that suffer a data breach. In one recent case, Palkon v. Holmes, No. 2:14-cv-01234-SRC-CLW (D.N.J. Oct. 20, 2014), a court dismissed such a shareholder derivative action. The claims arose out of a series of data breaches against the Wyndham Worldwide hotel chain....
Federal Data Breach Notification Legislative Updates
Posted on Feb 4, 2015 in Uncategorized | Comments Off on Federal Data Breach Notification Legislative Updates
In the United States, there is no federal law addressing data breach notification obligations that would apply across all sectors. Although legislation has been previously introduced in Congress, none have been enacted into law. With the start of the new Congressional session, Congress and the Obama Administration are continuing efforts to establish a single data breach notification...
SEC and FINRA Exam Priorities
Posted on Feb 3, 2015 in Uncategorized | Comments Off on SEC and FINRA Exam Priorities
In their recent examination priorities letters, both the SEC and FINRA highlighted cybersecurity as an area of focus for 2015 exams. In the SEC letter, the Office of Compliance Inspections and Examinations (OCIE) explained that it will continue its 2014 initiative to examine broker-dealers’ and investment advisers’ cybersecurity compliance and controls, and also plans to expand the...
USPS Report on NCOA’s Change of Address Procedures Finds Inadequate Protection of Customer Information
Posted on Jan 25, 2015 in Uncategorized | Comments Off on USPS Report on NCOA’s Change of Address Procedures Finds Inadequate Protection of Customer Information
In September 2014, a report of the United States Postal Service’s (USPS) Office of Inspector General (OIG) found that the security controls used by the National Change of Address Program (the NCOA Program) do not sufficiently protect the confidentiality and integrity of customer information. In particular, inadequate data protection by the NCOA Program’s National Change of Address...
Cybersecurity Announced as a 2015 Exam Priority by the SEC and FINRA
Posted on Jan 23, 2015 in Uncategorized | Comments Off on Cybersecurity Announced as a 2015 Exam Priority by the SEC and FINRA
In January 2015, the U.S. Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) each announced their 2015 examination priorities, and both agencies emphasized cybersecurity as a primary exam focus (SEC Examination Priorities, FINRA Examination Priorities). The SEC has designated cybersecurity as a market-wide risk in its examination priorities...
NIST Guidance Encourages Coordinated Incident Response
Posted on Dec 23, 2014 in Uncategorized | Comments Off on NIST Guidance Encourages Coordinated Incident Response
The National Institute of Standards and Technology (NIST) has proposed guidance on cyber threat information sharing. In its October 2014 draft, NIST seeks to leverage shared information to enhance cybersecurity through coordinated incident response. Specifically, NIST recommends that, to enhance its cybersecurity posture and ability to respond to a cyber incident, an organization...
Subscribe
FEATURED
Check out the BreachLawWATCH app which allows easy access to data breach statutes across the United States and a growing number of jurisdictions.
Video: As the challenges cybersecurity and data privacy present are often global
