Last year, we provided a brief primer on prominent cybersecurity frameworks. In this episode of the Faegre Drinker on Law and Technology Podcast, Jason G. Weiss chats with guests Jim Watkins, former deputy laboratory director in the FBI’s Orange County Crime Lab and current certified technical assessor for the ANSI National Accreditation Board, and Nate Shiflett, the director of posture and compliance for Sylint, an internationally recognized cybersecurity and forensics firm, to take a deeper look into the leading cybersecurity frameworks.
Year: 2022
Capping Cyber Casualties: Steps to Avoid Cyberattacks Flowing From Hostilities in Ukraine
Recognizing that cyberattacks have already commenced and could spread beyond the Russian-Ukrainian battlefield, organizations can take several steps to protect themselves. They can recognize the risk. Then organizations can assess likely cyber threats and vulnerabilities, build resilience and take preventive actions, to avoid becoming another casualty in a conflict that already has too many.
Ransomware Attacks in 2022 – Things are NOT Getting Better: A Call to Arms
The success of ransomware attacks in 2021 has only emboldened cyber threat actors around the globe to continue these nefarious attacks on innocent victims. Ransomware attacks are only going to be growing in 2022. This conclusion comes from a recent international partner advisory (Advisory) jointly issued by The Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the NSA.
Continue reading “Ransomware Attacks in 2022 – Things are NOT Getting Better: A Call to Arms”
SEC Proposes New Cybersecurity Risk Management Rules for Registered Investment Advisers, Registered Investment Companies and Business Development Companies
The Securities and Exchange Commission voted to propose cybersecurity rules that, if adopted, would require investment advisers and funds to implement written policies and procedures to address cybersecurity risk, and would create new reporting, disclosure and record keeping obligations.
International Data Transfers: Clarity on Timing of U.K. Transfer Mechanisms
The U.K. Information Commissioner’s Office recently confirmed the options and clarified the timing of new data transfer agreements for transfers of personal data out of the U.K. The situation has been somewhat confusing, even to those relatively familiar with international data transfers. Organizations can now review their data transfer arrangements with greater certainty, and this will be a key priority for 2022.
Continue reading “International Data Transfers: Clarity on Timing of U.K. Transfer Mechanisms”
Illinois Supreme Court: BIPA Claims Not Barred By Workers’ Compensation Act
The Illinois Supreme Court ruled that workers compensation preemption is not a defense to plaintiffs’ claims for damages under the Illinois Biometric Information Privacy Act. The February 3, 2022 ruling in McDonald v. Symphony Bronzeville Park, LLC, 2022 IL 126511 will likely awaken many long-stayed BIPA class action lawsuits and pave the way for new ones to be filed.
Continue reading “Illinois Supreme Court: BIPA Claims Not Barred By Workers’ Compensation Act”