On September 15, 2015, the Security and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert to provide additional information on the areas of focus for its second round of cybersecurity examinations. The OCIE’s initial cybersecurity examinations in 2014 were to identify cybersecurity risks and assess cybersecurity preparedness in the securities […]
Board Governance & Cyber Risk Management
Kim Peretti Appointed Co-Chair of Georgetown Cybersecurity Law Institute
Kim Peretti, co-chair of Alston & Bird’s Cybersecurity Preparedness & Response Team, has been invited to be a co-chair of Georgetown’s Cybersecurity Law Institute. The Cybersecurity Law Institute is in its third year and Ms. Peretti has been an advisory board member of the Institute for the past two years. In that time, she has already […]
Kim Peretti Speaking at NIST’s 2015 Cybersecurity Innovation Forum
Kim Peretti, co-chair of Alston & Bird’s Cybersecurity Preparedness & Response Team, will be a featured speaker at the 2015 Cybersecurity Innovation Forum (CIF) in Washington, DC, hosted by The National Institute of Standards and Technology (NIST). The CIF takes place September 9 – 11 and is a three-day event being planned with participation from the Department […]
Third Circuit Affirms FTC’s Authority to Regulate Data Security
On August 24, 2015, the Third Circuit affirmed U.S. District Court Judge Esther Salas’ April 2014 ruling in FTC v. Wyndham Worldwide Corp., et al. (“Wyndham”) that the FTC has the authority to regulate private companies’ cybersecurity practices under Section 5 of the FTC Act. (Prior blog posts on this case can be found here […]
Illinois Governor Vetoes Data Protection Bill; Suggests Revisions
Illinois Governor Bruce Rauner vetoed a bill amending the state’s data breach notification law on August 21, 2015, saying in a letter to the General Assembly that the bill “goes too far, imposing duplicative and burdensome requirements that are out-of-step with other states.” The bill, S.B. 1833, would have amended Illinois’ Personal Information Protection Act […]