The Federal Financial Institutions Examination Council (FFIEC) has issued two joint statements warning of specific cyber risks. The warnings, which were issued on March 30, 2015, address risks arising from destructive malware, which can destroy sensitive data, and cyber-attacks that compromise user credentials. In both statements, the FFIEC also provides guidance on how to mitigate […]
Cybercrime
President Obama Signs Executive Order Authorizing Sanctions for Cyber Attacks, Use of Stolen Data
On April 1, 2015, the White House unveiled Executive Order 13694, which authorizes the Treasury Department to sanction entities outside of the United States that engage in “cyber-enabled activities” that are “reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial […]
President Obama Proposes Strict National Data Breach Notification Law Ahead of State of the Union
On January 12, 2015, during a speech before the Federal Trade Commission (FTC), President Barack Obama announced that he would propose legislation to create a national, uniform data breach notification law. The White House later released the full text of the proposed bill. The President highlighted that a national breach notification law would benefit both […]
Kim Peretti Addresses Cyber Risk with the National Retail Federation
The National Retail Federation featured a three-part series, “Talking Tactics,” that examined cybercrime in retail and how the industry is responding. Kim Peretti, co-chair of Alston & Bird’s Security Incident Management & Response Team and a former U.S. Department of Justice senior litigator, says mitigation planning amounts to corporate governance. “There need to be people who […]
Data Protection Commissioners Adopt Resolution on International Cooperation
On October 14, the International Data Protection and Privacy Commissioners’ (“IDPPC”) conference adopted a resolution calling for increased enforcement cooperation among international data protection authorities. Data protection authorities from around the world participated in the IDPCC conference, including representatives from Europe, Asia, the United States (including the Federal Trade Commission), and South America. In the […]