Uncategorized

On Wednesday, the National Institute for Standards and Technology (NIST) released a draft framework on voluntary cybersecurity standards for critical infrastructure that attempts to further formalize industry best practices, offer language implementation, and define privacy requirements. The documents supporting the framework were released in advance of the Fourth Cybersecurity Framework workshop on Sept.11-13, 2013, in Dallas. […]

The Payment Card Industry Security Standard Council (PCI SSC) recently released a set of anticipated changes to the PCI Data Security Standard (PCI DSS) and Payment Application-Data Security Standard (PA-DSS). PCI SSC identified 5 challenges and key drivers for change including; 1) lack of education and awareness; 2) weak passwords, authentication; 3) third party security […]

Kim Peretti, co-chair of the firm’s Security Incident Management & Response Team and Bruce Sarkisian, an associate in the Technology, Privacy & IP Transactions practice, authored an article in the Summer 2013 Edition of The SciTech Lawyer, released by the American Bar Association’s Section of Science & Technology Law. “This issue looks into the rapidly evolving issues […]

In February, the Obama Administration issued an Executive Order designed to strengthen the cybersecurity of the United States’ critical infrastructure. As part of that Order, the Department of Commerce’s National Institute of Standards and Technology (“NIST”) was tasked with developing a cybersecurity framework (“Framework”). The Framework will seek to align critical infrastructure stakeholders’ practices and […]

Dominique Shelton, an experienced litigator and counselor, partner in the Litigation group and Claire Lucy Readhead, Associate, co-wrote the Law360 article “No Cookie for You: How COPPA Will Affect Your Company.” Consumers generate “Big Data” through e-mail, Facebook, Twitter, LinkedIn, YouTube and many other sources. Companies buy and sell Big Data and personal data for the […]