• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy Blog

  • Home
  • Services
  • Events
  • Contacts

Kimberly Peretti

About Kimberly Peretti

Kim is a former DOJ cybercrime prosecutor and former director of PwC’s cyber forensics group. She has over 20 years of experience in cybercrime, data breach response, and cybersecurity and delivers top-of-the-line cyber risk management and information security counsel to her clients. Kim is co-lead of our Cybersecurity Preparedness & Response Team.

[Read Bio]

Financial Regulatory Agencies Announce Proposed Rule Requiring Notice of Computer Security Incidents

January 12, 2021 By Kimberly Peretti, Emily Poole and Michael Young

On December 18, 2020, federal financial regulatory agencies jointly announced a proposed rule that would impose new and expanded reporting requirements on supervised banking organizations that experience a “computer-security incident,” requiring notice within 36 hours of any computer-security incident that rises to the level of a “notification incident.” In a significant departure from current reporting […]

Filed Under: Cybercrime, Cybersecurity, Data Security, Enforcement, NYDFS Tagged With: Bank Secrecy Act (BSA), Board of Governors of the Federal Reserve System, Computer-Security Incident, FDIC, Gramm-Leach-Bliley Act (GLBA), Notice of Proposed Rulemaking, Office of the Comptroller of the Currency (OCC), Suspicious Activity Report (SAR)

SolarWinds Hack: Unparalleled Supply Chain Attack Results in Potential Compromise of Private and Public Sector Organizations

December 17, 2020 By Emily Poole and Kimberly Peretti

On Sunday, December 13, 2020, SolarWinds announced that it had learned of a “highly sophisticated, manual supply chain attack” by a nation state affecting its Orion Platform, which is used by a wide variety of public and private sector organizations for IT infrastructure monitoring and management.  In this attack, adversaries were able to compromise the […]

Filed Under: Cybercrime, Cybersecurity, Data Breach, Data Security, Digital Crimes, National Security, Security Breach Tagged With: CISA, Cozy Bear, Department of Commerce (DOC), Federal Bureau of Investigation (FBI), FireEye, Microsoft, ODNI, Russia, SolarWinds, supply chain attack, Treasury

State Financial Regulators Issue Ransomware Mitigation Tool

October 16, 2020 By Kimberly Peretti, Amy Mushahwar and Alysa Austin

On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions mitigate the risks of ransomware.  The R-SAT is a detailed questionnaire designed to evaluate the effectiveness of an institution’s general security controls as well as […]

Filed Under: Cyber Risk, Cybercrime, Cybersecurity, Data Breach, Data Protection, Data Security, Digital Crimes, Enforcement, Financial Privacy, Privacy

The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation

July 27, 2020 By Kimberly Peretti, Amy Mushahwar and Dorian Simmons

On Tuesday, July 21, 2020, the New York Department of Financial Services (the “NYDFS”) brought its first enforcement action under its Cybersecurity Regulation (the “Regulation”) against a large title insurer (the “Company”) for failing to protect sensitive personal information.  The NYDFS is seeking civil monetary penalties, an order requiring the Company to remedy the alleged […]

Filed Under: Cybersecurity, Data Protection, Data Security, Enforcement, Financial Privacy, Insurance Data Security, NYDFS, Regulation

UK National Cyber Security Centre Advisory: Russian Attackers, APT29, Targets Companies Involved in COVID-19 Vaccine Development

July 17, 2020 By Amy Mushahwar, Kimberly Peretti and Larry Sommerfeld

Yesterday, the UK National Cyber Security Centre and Canada’s Communications Security Establishment released an advisory linking APT29 (also known as, ‘the Dukes’ or ‘Cozy Bear’) to attacks against COVID-19 vaccine development in Canada, the US and the UK.  The Advisory stated that APT29 is “almost certainly part of the Russian intelligence services.”  APT29/Cozy Bear was […]

Filed Under: Advisories, Cyber Risk, Cybercrime, Cybersecurity, Data Protection, Data Security, Digital Crimes, National Security

  • Go to page 1
  • Go to page 2
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy & Data Security team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • Federal Court Rules Cyber Forensic Report Is Not Protected Under Attorney-Client Privilege Or Work Product Doctrine
  • Financial Regulatory Agencies Announce Proposed Rule Requiring Notice of Computer Security Incidents
  • Brexit Trade Agreement Provides a Temporary Solution for Companies Transferring Personal Data from the EEA to the UK
  • UK ICO Publishes New Data Sharing Code
  • SolarWinds Hack: Unparalleled Supply Chain Attack Results in Potential Compromise of Private and Public Sector Organizations
Copyright © 2021 · Alston & Bird · All Rights Reserved. Privacy.
This website uses cookies to improve functionality and performance. By continuing to browse this site, you are consenting to the use of cookies on this website. OkCookie policy