Alston & Bird Privacy, Cyber & Data Strategy Blog

Cybersecurity

EU Announces First Sanctions under EU Cyber Sanctions Regime

By

On July 30, 2020, the European Council announced sanctions against six individuals and three organizations for their involvement in a series of cyber-attacks that have caused significant damage in the EU and around the world over the last several years. The announcement follows the EU’s adoption last year of Decision (CFSP) 2019/797, which established the […]

SEC Creates Event and Emerging Risk Examination Team

By

Following OCIE’s recent and detailed risk alert regarding the threat of ransomware, the SEC today announced that it has created the Event and Emerging Risk Examination Team (EERT) as a part of the Office of Compliance Inspections and Examinations (OCIE).  The EERT will engage with registrants regarding emerging threats and current market events, to provide […]

The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation

By and

On Tuesday, July 21, 2020, the New York Department of Financial Services (the “NYDFS”) brought its first enforcement action under its Cybersecurity Regulation (the “Regulation”) against a large title insurer (the “Company”) for failing to protect sensitive personal information.  The NYDFS is seeking civil monetary penalties, an order requiring the Company to remedy the alleged […]

UK National Cyber Security Centre Advisory: Russian Attackers, APT29, Targets Companies Involved in COVID-19 Vaccine Development

By and

Yesterday, the UK National Cyber Security Centre and Canada’s Communications Security Establishment released an advisory linking APT29 (also known as, ‘the Dukes’ or ‘Cozy Bear’) to attacks against COVID-19 vaccine development in Canada, the US and the UK.  The Advisory stated that APT29 is “almost certainly part of the Russian intelligence services.”  APT29/Cozy Bear was […]