Cybersecurity Archives

How to Comply With Biden’s Executive Order on Cybersecurity

June 10, 2021
Max Totsky
Cybersecurity, Executive Order, Government Contracting

On May 12, President Joe Biden issued his 44th executive order of the year– and his first targeting cybersecurity. The executive order is primarily concerned with protecting federal networks from cybersecurity threats, with many of its requirements aimed at federal contractors. Additionally, the order functions as a call for a more generally secure cyberspace, and urges…

Become a member to access this content.

UN Releases Report on First International Cybersecurity Agreement

Cybercrime has moved beyond the realm of small-time hackers looking for a quick payout. In fact, independent research from the University of Surrey indicates a 100 percent rise in cyber warfare conducted by nation states. In response, the United Nations released a report in March that establishes guidelines for UN member states to follow when…

Become a member to access this content.

How to Use New CSBS Cybersecurity Examination Tool

March 5, 2021
Max Totsky
Cybersecurity, Data Privacy, Data Protection, Uncategorized, US Regulatory

Any nonbank institution looking to protect against, mitigate and respond to cybersecurity threats should take advantage of the Conference of State Bank Supervisors’ (CSBS) new cybersecurity examination tool. Unveiled during the Nationwide Multistate Licensing System Annual Conference in February, the resource is designed for state regulators to use during examinations, and for organizations to self-evaluate…

Become a member to access this content.

EU Releases Draft Decision on UK Data Privacy Standards

February 27, 2021
Max Totsky
Compliance, Cybersecurity, European Union, GDPR, Governance, Privacy Shield, United Kingdom

Since the start of 2021, post-Brexit data relationships between the European Union and the United Kingdom have been governed by The EU-UK Trade and Cooperation Agreement, which established a 4-6 month temporary period where data could flow freely between the two jurisdictions. Beyond that, the future was unclear. The grace period could have been extended…

Become a member to access this content.

A Guide to New Draft SCCs–and the EDPB’s Response

February 11, 2021
Max Totsky
Banks, Cybersecurity, Data Privacy, Data Protection, European Union, GDPR, International Agreements, Privacy Shield, Third Party Compliance, Uncategorized

Ever since the EU-US Privacy Shield was struck down in Schrems 2.o, companies have been scrambling to figure out how to safely transfer data in and out of the EU while remaining compliant with the General Data Protection Regulation (GDPR). At this point, the general consensus is that transfers from the EU should only be…

Become a member to access this content.

2020 News in Review

January 4, 2021
Tim Crino
Africa, Artificial Intelligence, Banks, Biometric, Brazil, Breach prevention, Breach response, Business Continuity, C-Suite, Canada, CCPA, CISO, CMMC, CNIL, Compliance, Consumer Privacy, COVID-19, Cyber Fraud, Cybercrime, Cybersecurity, Data Mapping and Inventory, Data Privacy, Data Protection, Data Rights Management (DRM), data trusts, differential privacy, DPO, Dubai, European Union, Federal Reserve, Federated Learning, Financial Services, GDPR, GLBA, Governance, Government Contracting, Hiring, Hybrid, International Agreements, Investigations, Japan, Machine Learning, New York State, NIST, Penalties and Enforcement, Phishing, Privacy, Privacy Shield, Project Management, Resilience, State Laws, Third Party Compliance, United Kingdom, US Regulatory, Work from Home

Week Ending December 28 ICO Warns SolarWinds Victims to Report Breaches The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…

Become a member to access this content.

What We Can Learn From the SolarWinds Breach

December 22, 2020
Max Totsky
Breach prevention, Breach response, Business Continuity, Consumer Privacy, Cyber Fraud, Cybercrime, Cybersecurity, Data Privacy, Data Protection, Government Contracting, Privacy, Third Party Compliance
0 Comments

SolarWinds, a network management software company, found itself the direct victim of an insidious malware breach last week that had been in the works for months. The hack involved the installation of malware onto an updated version of their software,…

2021 Forecast for Data Privacy Legislation

December 22, 2020
Max Totsky
CISO, Compliance, Consumer Privacy, COVID-19, Cybersecurity, Data Privacy, Data Protection, GDPR, Governance, International Agreements, Op-Ed, Privacy Shield
0 Comments

2020 was a massive year for data privacy. New laws became effective all around the world and, in turn, organizations were forced to amp up their data privacy measures to comply. Data privacy regulations are only getting stricter, and that…

Does Your Organization Need a Chief Privacy Officer?

December 10, 2020
Tim Crino
Breach prevention, C-Suite, CISO, Compliance, Cybersecurity, Data Privacy, Data Protection

As the presence of global data privacy legislation continues to rise, so does the importance of privacy-related positions. The EU’s General Data Protection Regulation (GDPR) mandates that companies hire a Data Protection Officer, and related roles like Chief Information Security Officer (CISO) have also become more valued. One of the most concrete action items a…

Become a member to access this content.

New Zealand’s Data Privacy Law Now Effective

December 2, 2020
Max Totsky
Breach prevention, Breach response, Compliance, Consumer Privacy, Cybersecurity, Data Privacy, Data Protection, Data Rights Management (DRM)

On December 1, New Zealand’s new data privacy law took effect. The Privacy Act 2020 impacts every organization with a physical or virtual presence in New Zealand. Any offshore organization that collects data from New Zealanders must comply. This marks the suspension of 1993’s Privacy Act and puts the pressure on organizations to handle data…

Become a member to access this content.