On March 26, 2015, Benjamin Lawsky, Superintendent of the New York State Department of Financial Services (DFS), sent a letter to the CEOs, General Counsel, and Chief Information Officers of all insurers doing business in the state to inform them of … [Read more] about New York State Regulator to Examine Insurers on Cybersecurity Following Comprehensive Risk Assessments
FFIEC Issues Warnings on Malware and Cyber Attacks
The Federal Financial Institutions Examination Council (FFIEC) has issued two joint statements warning of specific cyber risks. The warnings, which were issued on March 30, 2015, address risks arising from destructive malware, which can destroy … [Read more] about FFIEC Issues Warnings on Malware and Cyber Attacks
Wyoming Broadens Definition of Personal Information In Amended Data Breach Notification Law
Wyoming has updated its data breach notification statute to widen the definition of “personal identifying information” that will trigger notification to individuals. In addition, the amendments prescribe the information to be contained in the notice … [Read more] about Wyoming Broadens Definition of Personal Information In Amended Data Breach Notification Law
Court Finds Hulu Did Not “Knowingly” Disclose PII in Violation of VPPA, Grants Summary Judgment
Ending a four-year battle that has helped define the parameters of the Video Privacy Protection Act’s (VPPA) application to new technologies, on March 31, 2015, Northern District of California Magistrate Judge Laurel Beeler dismissed with prejudice … [Read more] about Court Finds Hulu Did Not “Knowingly” Disclose PII in Violation of VPPA, Grants Summary Judgment
President Obama Signs Executive Order Authorizing Sanctions for Cyber Attacks, Use of Stolen Data
On April 1, 2015, the White House unveiled Executive Order 13694, which authorizes the Treasury Department to sanction entities outside of the United States that engage in “cyber-enabled activities” that are “reasonably likely to result in, or have … [Read more] about President Obama Signs Executive Order Authorizing Sanctions for Cyber Attacks, Use of Stolen Data