Header graphic for print
Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Cybersecurity

Subscribe to Cybersecurity RSS Feed

Privacy Monday – February 24, 2014

Posted in Cybersecurity, Data Breach, Privacy Monday

On this Privacy Monday: US Attorney General Puts Pressure on Congress for Data Breach Disclosures Today, US Attorney General Eric Holder urged Congress to pass legislation requiring retailers to make significant customer data breaches known in a timely manner.   This push follows Congressional hearings where members of Congress expressed dismay over the Target and Neiman… Continue Reading

“Sophisticated” Breach Exposes 300,000 Student Records at University of Maryland: 3 Questions You Should Ask

Posted in Cybersecurity, Data Breach, Data Breach Notification

  Officials at the University of Maryland (“University” or “UMD”) announced that UMD was the victim of a significant security breach that took place on Tuesday, February 18 (the “Breach” or “Incident”). The Incident, characterized as a “sophisticated computer security attack” by both the University’s President and the Chief Information Officer, exposed records containing the… Continue Reading

NIST Framework for Critical Infrastructure Released

Posted in Cybersecurity

The release yesterday of the Framework for Improving Critical Infrastructure Cybersecurity by the National Institute of Standards and Technology caps a year-long effort by NIST to find an industry consensus for assessing and improving the cybersecurity of the nation’s privately-owned critical infrastructure. We will be publishing a more detailed analysis of the final Framework in… Continue Reading

On the Fifth Day of Privacy, the SEC Gave to Me…..

Posted in Cybersecurity, Data Breach, Privacy Litigation, Security

Sing it with me now….. FIVE GOLDEN RULES! Written by Adam Veness As public companies prepare for the New Year and the start of yet another annual reporting season, it is the perfect time to reflect on our 2013 prediction that the SEC would require greater disclosure relating to cybersecurity risks and data breaches.  As… Continue Reading

DoD Requires Safeguarding Technical Data

Posted in Cybersecurity, Data Compliance & Security, Security

The Department of Defense (DoD) has published its new final rule governing the security measures imposed on DoD unclassified technical information resident on or passing through the unclassified information systems of its contractors and subcontractors. This final rule will require contractors to safeguard unclassified controlled technical information and to report the compromise of such information… Continue Reading

Privacy Monday – November 18, 2013

Posted in Children, Cybersecurity, Privacy Monday, US Supreme Court

The month of November is quickly slipping by – this is the time to be looking at the 2014 cybersecurity and data privacy goals and updates and planning ahead. Our selected bits and bytes for this Monday: FTC Denies AssertID, Inc.’s Application for Obtaining Verifiable Consent Under the COPPA Rule The FTC recently announced (press… Continue Reading

Privacy Monday: October 28, 2103 — NIST Cybersecurity “Framework” Published for Comment

Posted in Cybersecurity, Data Compliance & Security, Privacy Monday

Written by Jonathan Cain The National Institute of Standards and Technology (NIST) has published its preliminary cybersecurity “Framework” that it was directed to develop in Executive Order 13636. The Executive Order requires that NIST develop and publish a cybersecurity Framework to protect national critical infrastructure through a “prioritized, flexible, repeatable, performance-based, and cost-effective approach, including information… Continue Reading

October is National Cyber Security Awareness Month

Posted in Cybersecurity, Identity Theft

DID YOU KNOW? –       93 percent believe their online actions can protect not only friends and family but also help to make the Web safer for everyone around the world. –       Nearly two-thirds of the American public have heard, read or seen something about online safety and security issues recently. However, most of what the… Continue Reading

Privacy Monday – September 9, 2013 — NIST Draft Cybersecurity Framework

Posted in Class Action Litigation, Cybersecurity, Data Breach, Privacy Monday

This Privacy Monday, there are a few important items of note, rather than the usual “bits and bytes”. NIST RELEASES DISCUSSION DRAFT OF CYBERSECURITY FRAMEWORK After several months of work, the National Institute of Standards and Technology has published a draft of its cybersecurity “Framework.” Developed in response to an executive order from President Obama,… Continue Reading

BOSTON: Join Us for “Cybersecurity: It’s Not Just for IT Anymore”

Posted in Class Action Litigation, Cybersecurity, Data Breach, Data Compliance & Security, Privacy Litigation, Privacy Regulation, Security

If you are in the Boston area (or will be on September 26), please join us for an afternoon discussion on cybersecurity and the growing risk to corporate directors.   It’s no longer just the purview of a company’s IT or compliance personnel.  Cybersecurity needs to be elevated to boardroom discussion and this seminar will cover what… Continue Reading

Privacy Monday – July 29, 2013

Posted in 201 CMR 17.00, Cybersecurity, Data Breach, Data Breach Notification, European Union, Privacy Monday

Privacy goofs, gaffes and tidbits for the last Monday in July —   NSA Surveillance Causes More Grief –Germany Calls for a Stop to Safe Harbor:  Time for Binding Corporate Rules?  According to news sources the federal and state German data protection commissioners late last week sent a letter to German Chancellor Angela Merkel, requesting… Continue Reading

Survey Says: Fortune 500 Disclosing Cyber Risks

Posted in Cybersecurity

Written by Adam Veness Ever since our 2013 prediction, an ever increasing number of public companies are adding disclosure related to cybersecurity and data breach risks to their public filings.  We previously analyzed how the nation’s largest banks have begun disclosing their cybersecurity risks.   Now, it appears that the rest of the Fortune 500 companies… Continue Reading

D.C. Developments on the Cybersecurity Front – UPDATE

Posted in Cybersecurity

Written by Cynthia Larose and Heidi Lawson UPDATE:  The House Permanent Select Committee on Intelligence passed the Cyber Intelligence Sharing and Protection Act (CISPA) this afternoon. The vote was 18 in favor and two (Adam Schiff (D-CA) and Jan Schakowsky (D-IL)) against.   For more information, read The Hill.   The last 24 hours have seen… Continue Reading

Cybersecurity Disclosure: A Panel Discussion with the SEC’s Division of Corporation Finance

Posted in Cybersecurity, Data Breach

Last week in Washington, D.C., this author had the opportunity to sit in on a panel discussion by the SEC’s Division of Corporation Finance (“CorpFin”) discussing, among other things, recent developments in cybersecurity disclosure in public company filings.  The panel included CorpFin’s Acting Director Lona Nallengara, Deputy Director of Disclosure Operations Shelley Parratt and others from CorpFin…. Continue Reading

Privacy and Security Not the Only Concerns in the Cloud

Posted in Cloud Computing, Cybersecurity, Data Compliance & Security

Written by Jonathan Cain Security and privacy are the most frequently expressed concerns about cloud computing (defined for this article to include software as a service, platform as a service and storage as a service), but for companies that engage in research, design, development, manufacturing and servicing of items that are subject to U.S. export… Continue Reading

To the Nation’s Largest Banks: Thanks for Reading

Posted in Cybersecurity, Security

It seems that some of the nation’s largest public company banks must be avid readers of this blog and have taken to heart our 2013 prediction that the SEC would require greater disclosure related to data security risks and breaches.  In their recent annual reports, Goldman Sachs Group Inc., Citigroup, Inc., Bank of America Corp…. Continue Reading