AUTHOR ARCHIVES: Kimberly Peretti

Kimberly Peretti

Kimberly (Kim) Kiefer Peretti is a partner in the firm’s White Collar Crime Group and co-chair of our Security Incident Management and Response Team. Read more→

DOJ to Host Cybersecurity Roundtable on Data Breaches

Posted on: 27 Apr 2015

On April 29, 2015, the Department of Justice’s Criminal Division will host a cybersecurity industry roundtable on data breaches. The event, which will include audience question and answer sessions, will focus on a range of recent industry developments. The event will feature a discussion of cybersecurity from the national security perspective by John P. Carlin, Assistant Attorney General in the National Security Division; a conversation on government-industry interaction featuring James C. Trainor, Acting Assistant Director of the Cyber Division at the FBI, and Stuart J. Tryon, Special Agent […] Read more

Retail Breaches: Investigating Payment Card Breaches

Posted on: 29 Jan 2014

“Challenges in Conducting Breach Investigations: Part 2,” was published in April 2013 by Law360, however, given the recent spate of retail breaches involving payment cards, it is highly relevant to entities experiencing these types of incidents. The article describes some of the challenges to conducting breach investigations in response to increasingly sophisticated attacks. In particular, the article takes a closer look at how to investigate and respond to payment card breaches—both because of their unique nature and their potentially grave implications. Written by Kimberly […] Read more

NIST’s Preliminary Cybersecurity Framework Could Have Broad Implications for Critical, Non-Critical Infrastructure Alike

Posted on: 16 Dec 2013

On October 22, 2013, the National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework (“Framework”), marking one of the final steps in creating the “voluntary” Framework envisioned in an Obama Administration Executive Order (EO) issued earlier this year. That EO, which was designed to strengthen the cybersecurity of the United States’ critical infrastructure, required NIST to work with the private sector to develop a cybersecurity Framework to reduce the risks from cyber attacks. The Framework is designed to identify beneficial […] Read more

New European Data Breach Rules for Telcos and ISPs

Posted on: 11 Sep 2013

On August 25, 2013, a new European Regulation came into effect that changed and expanded upon the breach notification procedures set forth in the E-Privacy Directive (2002/58/EC). The Regulation outlines two independent notification obligations: (1) notification to the relevant national authority within 24 hours after detection of a personal breach where feasible; and (2) notification to affected individuals when the personal data breach is likely to adversely affect the personal data or privacy of a subscriber or individual without undue delay. Notification to subscribers or individuals is not […] Read more