On February 9, 2022 the United States, United Kingdom, and Australia issued a joint Cybersecurity Advisory on the “Increased Globalized Threat of Ransomware” against critical infrastructure sectors (“Advisory”). The Advisory lists trends in cyber-criminal activity from the last year and also provides mitigation strategies and recommendations to reduce the risk of compromise and the impact […]
Update: FTC Amendments to the Safeguards Rule and Request for Comment on Proposed Reporting Requirement Published to the Federal Register
As an update to prior coverage of the FTC’s final revisions to the Gramm-Leach-Bliley Safeguards Rule (Final Rule), following its publication in the Federal Register on December 9, 2021, the Final Rule now will take effect on January 8, 2022, 30 days after publication in the Federal Register. Revisions to the Final Rule include an […]
NYDFS Issues Guidance on Multi-Factor Authentication
The New York Department of Financial Services (NYDFS) continues to refine its position regarding the importance of and requirements regarding Multi-Factor Authentication (MFA), as evidenced most recently with the release of new guidance. This new guidance is consistent with its June guidance, in which NYDFS clarified its expectation that NYDFS-regulated covered entities subject to 500.12 […]
Federal Bank Regulatory Agencies Release Final Rule to Require Notification of Cyber Incidents
On November 18, 2021, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation jointly announced the approval of a final rule to improve the sharing of information about cyber incidents that may affect the U.S. banking system. The rule applies to […]
Treasury FinCEN Releases Financial Trend Analysis of Ransomware Trends in 2021
By Kim Peretti, Brian Frey, and Kristen Bartolotta On October 15, 2021 the Financial Crimes Enforcement Network (FinCen) of the Treasury Department issued a financial trend analysis on ransomware relating to Bank Secrecy Act (BSA) reporting filed in the first half of this year. FinCEN examined ransomware-related Suspicious Activity Reports (SARs) filed between January 1 […]