Alston & Bird Privacy, Cyber & Data Strategy Blog

Board Governance & Cyber Risk Management

FTC Consumer Protection Bureau Director Highlights Efforts to Strengthen Data Security Orders

By

On January 6, 2020, the Federal Trade Commission’s (FTC) Bureau of Consumer Protection Director Andrew Smith published a blog post summarizing the agency’s “New and improved FTC data security orders,” as part of its efforts to provide “better guidance for companies” and “better protection for consumers.” Smith noted that strengthening the FTC’s orders in data […]

Wim Nauwelaerts Authors Summary of EDPB’s Guidelines of the GDPR

By

Wim Nauwelaerts, Brussels partner and leader of the firm’s EU Privacy and Data Protection practice, has authored a summary of the European Data Protection Board’s (EDPB) guidelines on the territorial scope of the GDPR. On November 12, 2019, the EDPB adopted the final version of its guidelines – almost one year after they had been […]

Warning: Iranian Cyber Response Possible Against Private Industry

By and

After Friday’s announcement of the killing of Major General Qassem Soleimani, a leader of Iran’s Quds Force, several regulators have put industry on high alert of the increased potential for cyber-attack.  Iran has a known history of launching cyber-attacks against US industry, and regulators warn industry to prepare for a possible rise in cyber-attacks. The […]

Schrems 2.0: Standard Contractual Clauses Declared Valid by EU Advocate General

By and

  The Advocate General’s Opinion of December 19, 2019 deemed valid the Standard Contractual Clauses (SCCs) adopted by the European Commission for the transfer of personal data from controllers to processors. Currently, many companies rely on SCCs as a mechanism for transferring personal data from the EU to non-EU countries in compliance with the GDPR. […]

Treasury Announces Sanctions Against Cybercriminal Group Behind ‘Dridex’ Malware, Offering Mitigation Strategies for Businesses

By

On December 5, 2019, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) issued sanctions against Evil Corp, a Russian cybercriminal organization that is known for distributing the Dridex malware. Dridex is a banking trojan that has been used to target financial institutions across the globe and has resulted in more than $100 million […]