Amy Mushahwar

About Amy Mushahwar

Amy Mushahwar is a partner on the Privacy & Data Security and Cybersecurity Preparedness & Response teams. Amy has over 20 years of experience in the technology space and focuses her practice on data security, cyber risk, privacy, and emerging technologies. She advises clients on proactive data security practices, data breach incident response, and regulatory compliance.

[Read Bio]

State Financial Regulators Issue Ransomware Mitigation Tool

October 16, 2020 By Kimberly Peretti, Amy Mushahwar and Alysa Austin

On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions mitigate the risks of ransomware. The R-SAT is a detailed questionnaire designed to evaluate the effectiveness of an institution’s general security controls as well as […]

The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation

July 27, 2020 By Kimberly Peretti, Amy Mushahwar and Dorian Simmons

On Tuesday, July 21, 2020, the New York Department of Financial Services (the “NYDFS”) brought its first enforcement action under its Cybersecurity Regulation (the “Regulation”) against a large title insurer (the “Company”) for failing to protect sensitive personal information. The NYDFS is seeking civil monetary penalties, an order requiring the Company to remedy the alleged […]

UK National Cyber Security Centre Advisory: Russian Attackers, APT29, Targets Companies Involved in COVID-19 Vaccine Development

July 17, 2020 By Amy Mushahwar, Kimberly Peretti and Larry Sommerfeld

Yesterday, the UK National Cyber Security Centre and Canada’s Communications Security Establishment released an advisory linking APT29 (also known as, ‘the Dukes’ or ‘Cozy Bear’) to attacks against COVID-19 vaccine development in Canada, the US and the UK. The Advisory stated that APT29 is “almost certainly part of the Russian intelligence services.” APT29/Cozy Bear was […]

Location and Mobile Data in the Fight against COVID-19 – An Overview of U.S. and Global Efforts

April 11, 2020 By Amy Mushahwar, Daniel Felz and Jon Knight

Governments are increasingly seeking to leverage consumer geolocation and other mobile device data to assist with fighting the spread of COVID-19, as cases continue to mount globally. Location data can be of significant value to public health models, such as models that determine areas where social-distancing measures are needed or test whether such measures are […]

New York Financial Regulator Requires COVID-19 Risk Assessment, Operational Planning

March 19, 2020 By Michael Young and Amy Mushahwar

Last week the New York Department of Financial Services (the “Department”) issued letters to all its licensed financial institutions. Based on these letters (available here and here), all Department licensees must assess and plan for the financial risk of COVID-19 and, separately, develop operational plans for managing their response to the virus. The Department requires […]