NERC and power company reach settlement on violations of cybersecurity standards
Posted on Mar 22, 2018 in Cybersecurity, Energy and Infrastructure | Comments Off on NERC and power company reach settlement on violations of cybersecurity standards
A power company has reached an agreement with the North American Electric Reliability Corporation (NERC) to pay $2.7 million for violations of a cybersecurity reliability standard. This violation resulted from the online exposure of the company’s data due to a vendor’s mishandling of the data, allowing unrestricted third-party access to 30,000 asset records. The violation posed a...
Today’s cybersecurity strategies are “not sufficiently robust or scalable,” Nuclear Threat Initiative says
Posted on Mar 21, 2018 in Cybersecurity, Energy and Infrastructure | Comments Off on Today’s cybersecurity strategies are “not sufficiently robust or scalable,” Nuclear Threat Initiative says
The cyber threat to nuclear facilities is serious, but the challenge going forward is evident,” Dr. Page Stoutland, NTI vice president of scientific and technicals affairs, said in the post. “Threats and vulnerabilities will continue to mount. Today’s strategy is not sufficiently robust or scalable, and a high level of cybersecurity may never be compatible with current nuclear plant...
About face: court finds biometric information creates unique privacy rights
Posted on Mar 13, 2018 in Cybersecurity, Financial Services, Litigation | Comments Off on About face: court finds biometric information creates unique privacy rights
A recent decision from a California federal court increases the risks to companies that use biometric information and reinforces the need to strictly comply with the requirements of biometric protection statutes. Key Takeaways The suit arises from the Illinois Biometric Information Privacy Act (BIPA), which governs the collection, storage, and use of biometric information, including...
The SEC wants companies to talk about cybersecurity
Posted on Mar 8, 2018 in Cybersecurity, Financial Services, Regulation, Securities & Corporate Governance | Comments Off on The SEC wants companies to talk about cybersecurity
On February 21, 2018, the Securities and Exchange Commission issued an interpretive release providing important guidance to certain registrants on cybersecurity disclosure. The guidance makes clear its view that material risks or incidents related to cybersecurity fall within a company’s ongoing obligation to disclose material information in current and periodic reports. The guidance...
Helping it click into place – Our monthly Asia cybersecurity update
Posted on Mar 3, 2018 in Cybersecurity, Regulation | Comments Off on Helping it click into place – Our monthly Asia cybersecurity update
During 2017, cyberattacks continued to evolve and develop sophistication, exploiting both previously unidentified vulnerabilities and known vulnerabilities in new ways. Ransomware attacks such as Petya and WannaCry put critical functions across the world and across industries on hold, while the Mirai botnet attack, unleashed in late 2016, highlighted the increasing vulnerabilities of...
Subscribe
FEATURED
Check out the BreachLawWATCH app which allows easy access to data breach statutes across the United States and a growing number of jurisdictions.
Video: As the challenges cybersecurity and data privacy present are often global
