Category Archives: cybersecurity

Sharing Cyber Threat Information

The Information Sharing and Analysis Organization-Standards Organization (ISAO-SO) was set up under the aegis of the Department of Homeland Security pursuant to a Presidential Executive Order intended to foster threat vector sharing among private entities and with the government. ISAOs are proliferating in many critical infrastructure fields, including health care, where cybersecurity and data privacy …

Read more »

Broadband Internet Service Providers In Regulatory Limbo After Repeal of FCC Privacy and Data Security Rules

Potentially signaling the end of the short-lived stint by the Federal Communication Commission (“FCC”) to regulate consumer data privacy on the internet, the Trump Administration recently repealed Obama-era data privacy and security rules for broadband providers.  The action, passed by Congress and signed by President Trump pursuant to the Congressional Review Act, completely rescinds the …

Read more »

Proposed Federal Cybersecurity Regulations for Financial Institutions Face Uncertain Future

Last year’s proposed comprehensive framework for cybersecurity rules for large financial institutions is suddenly facing an uncertain future.1With the comment period having closed as of February 2017, the framework was facing criticism as unnecessary for an industry already subject to a host of federal, state, and international cybersecurity regimes. That criticism – now coupled with …

Read more »

Cybersecurity: Yes, They Will Hack Your Car

Auto manufacturers are increasingly equipping vehicles with rapidly advancing technologies, raising concerns regarding how the public will be affected by these changes. Manufacturers are beginning to implement automated driving and vehicle-to-vehicle (V2V) communication capabilities into their cars, extending potential cybersecurity threats and associated safety issues to road users. As consumers, we already see cybersecurity threats …

Read more »

Data Breaches Will Cost Yahoo and Verizon Long After Sale

Five Things You (and Your M&A Diligence Team) Should Know Recently it was announced that Verizon would pay $350 million less than it had been prepared to pay previously for Yahoo as a result of data breaches that affected over 1.5 billion users, pending Yahoo shareholder approval. Verizon Chief Executive Lowell McAdam led the negotiations for …

Read more »

In re: Target Corporation Customer Data Security Breach Litigation — instructive 8th Circuit case re class certification

Jim Sciaroni  v.  Target Corporation Civil case – Class Action in Target Security Breach. The district court’s statement in the class certification order regarding Rule 23(a)(4)’s representation adequacy requirement are conclusions, not reasons, and on their own do not constitute the “rigorous analysis” of whether certification was proper in this case; the court has a continuous duty to reevaluate certification …

Read more »

The Department Of Homeland Security Proposes New Rules Affecting Federal Government Contractors

This week, the Department of Homeland Security (“DHS”) issued three proposed rules expanding data security and privacy requirements for contractors and subcontractors. The proposed rules build upon other recent efforts by various federal agencies to strengthen safeguarding requirements for sensitive government information.  Given the increasing emphasis on data security and privacy, contractors and subcontractors are …

Read more »

Cyber-Attacks: A Problem In 2016, Still A Problem in 2017

A survey of nearly 600 organisations across a variety of industries globally has revealed 98% of these organisations experienced some form of cyber-attack in 2016. (We are left wondering if the other 2% just didn’t notice?) The survey, conducted by cyber-security company Radware, also found that many organisations are still not prepared to face the …

Read more »

The White House’s Revisions to its Breach Response Policy For Federal Agencies and Departments Also Affect Contractors

On January 3, 2017, the Obama Administration issued a memorandum to all executive departments and agencies setting for a comprehensive policy for handling breaches of personally identifiable information (the “Memorandum”), replacing earlier guidance. Importantly, the Memorandum also affects federal agency contractors as well as grant recipients. The Memorandum is not the first set of guidance to federal …

Read more »

Swiss-US Privacy Shield Will Replace Swiss-US Data Protection Safe Harbor

On January 11, 2017, the Swiss Federal Council announced that a new framework will govern the transfer of personal data from Switzerland to the US.  According to the Federal Council, the Swiss-US Privacy Shield Framework “will apply the same conditions as the European Union.”  The International Trade Administration stated that the US Department of Commerce …

Read more »