The National Law Review

Share

The National Law Review

 •  November 3

Although the National Cybersecurity Awareness Month of October has come to a close, it is not too late for corporate counsel and risk managers to be thinking about cyber-risk insurance — an increasingly essential tool in the enterprise risk management toolkit. But a prospective policyholder purchasing cyber insurance for the first time may be hard...

The National Law Review

 •  October 15

A hacker has breached the computer system of an unnamed defence contractor and stolen 30 gigabytes of data, including information on Australia’s $17 billion Joint Strike Fighter program. The data breach, which the Australian Government publicly disclosed last week, also includes information about Australia’s $4 billion P-8 surveillance plane...

The National Law Review

 •  October 14

In a speech delivered at the United States Naval Academy on October 10, Deputy Attorney General Rod Rosenstein waded into the public debate between data privacy and law enforcement interests. As part of a discussion moderated by former Covington cybersecurity attorney Jeff Kosseff, Rosenstein’s remarks discussed cyber issues facing law enforcement...

The National Law Review

 •  October 10

Today, one of the most critical risks a company can face is the cyber risks associated with its own employees or contractors. Companies are confronting an increasingly complex series of cybersecurity challenges with employees in the workplace, including employees failing to comply with established cybersecurity policies, accidentally downloading an...

The National Law Review

 •  September 28

“Big four” accounting and consulting firm Deloitte revealed on Monday that it was targeted by a hack that exposed its email system and client records. Although Deloitte has not yet provided details on the full extent of the breach, it confirmed that the information accessed includes confidential emails and plans of some of its blue-chip clients. It...

The National Law Review

 •  September 26

On September 21, 2017, the Director of the Defense Pricing/Defense Procurement and Acquisition Policy (DPAP) issued guidance to Department of Defense (DoD) acquisition personnel in anticipation of the December 31, 2017 date for contractors to implement the security controls of NIST Special Publication (SP) 800-171. The guidance outlines (i) ways in...

The National Law Review

 •  September 25

announced the creation of an Enforcement Division “Cyber Unit” that will focus on cyber-related violative conduct. The timing of this is much more than coincidental; indeed it’s obvious. Just last week, SEC Chairman Jay Clayton disclosed: 1) a 2016 intrusion of the SEC’s EDGAR system due to a software vulnerability in the test filing component of...

The National Law Review

 •  September 14

The Health Insurance Portability and Accountability Act (“HIPAA”) contains minimum security standards that Covered Entities and Business Associates must employ to safeguard protected health information (“PHI”). As part of HIPAA’s security standards, Business Associates are obligated to report all security incidents to the Covered Entity. The HIPAA...

The National Law Review

 •  September 6

In the wake of growing concerns about data privacy and cyber threats, Massachusetts lawmakers are increasingly focused on evaluating and improving the state’s cybersecurity policies and information technology infrastructure. The Senate has created a special committee on cybersecurity readiness, several cybersecurity bills are pending in the...

The National Law Review

 •  September 1

Earlier this month, an appellate panel of the federal DC Circuit unanimously held that individuals affected by a healthcare insurer’s data breach in 2014 could pursue claims against the insurer stemming from the cyberattack. In the process, the panel deepened a circuit split on the question of whether data breach victims have standing to pursue...