Jane Blaney, Author at Discerning Data

What Are Blockchain, Crypto and NFTs? A Deeper Look – Faegre Drinker on Law and Technology Podcast

As of March 2022, there are more than 18,000 different crypto currencies in service for a total market capitalization of $2 trillion. In this episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss chats with Faegre Drinker partner Jeff Blumberg and associate Jane Blaney, to revisit the world of crypto and not only discuss the foundations of crypto currencies, but also explore the world of blockchain and non-fungible tokens, or NFTs.

The conversation tackles a number of questions, including:

What is blockchain and what makes it different from traditional recordkeeping processes?
What exactly is crypto currency? What is important to understand about it?
What exactly is an NFT? How do they work in easy-to-understand concepts?
What uses are there for blockchain, both using crypto currencies and in uses other than crypto currency?
Are crypto currencies considered “legal tender”? Can people use them like normal money?
How can and will NFTs be used in other ways in our society as these concepts grow?

Continue reading “What Are Blockchain, Crypto and NFTs? A Deeper Look – Faegre Drinker on Law and Technology Podcast”

NYDFS Releases Pre-Proposed Second Amendment to its Cybersecurity Regulations, 23 NYCRR 500

On July 29, 2022, the New York Department of Financial Services (NYDFS) published the pre-proposed second amendment to its Cybersecurity Regulations, 23 NYCRR 500 (Part 500), that if adopted, would likely require numerous policy and operational changes. NYDFS sought comments to the pre-proposal through August 18, 2022. Although this amendment has been long-anticipated, the next step will be for NYDFS to formally publish the second amendment.

Effective in 2017, Part 500 was a first-of-its-kind state regulation that created mandatory cybersecurity and risk management regulations for “covered entities.” Part 500 defines Covered Entities as persons operating under or required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under the Banking Law, the Insurance Law or the Financial Services Law.

Continue reading “NYDFS Releases Pre-Proposed Second Amendment to its Cybersecurity Regulations, 23 NYCRR 500”

Ransomware Payments Become an Even Riskier Choice Amidst the Ever-Growing Sanctions List

In February 2022, Executive Order 14024 highlighted that Russia’s invasion of Ukraine threatened not only Ukraine but also the national security and foreign policy of the United States. Pursuant to this executive order, and in the face of national security concerns, the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has instituted extensive sanctions, including both economic and trade sanctions. Also, in response to the national security concerns, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Shields Up notice, urging companies to bolster their cybersecurity to protect themselves against the threat of a cyberattack.

As the conflict between Russia and Ukraine continues, the threat of a cyberattack, specifically ransomware and NotPetya-style attacks, remains top of mind. However, as entities continue to bolster their cybersecurity and protect themselves against these attacks, they should be cognizant of the implications that OFAC sanctions may have in connection with such an attack.

Continue reading “Ransomware Payments Become an Even Riskier Choice Amidst the Ever-Growing Sanctions List”

New York Department of Financial Services Announces $5 Million Penalty in Most Recent Cybersecurity Enforcement Action

On June 23, 2022, the New York State Department of Financial Services (NYDFS) announced the entry of a Consent Order in connection with its most recent cybersecurity enforcement action, which included a $5 million monetary penalty against Carnival Cruise Line, Princess Cruise Lines, Holland America Line, Seabourn Cruise Line, and Costa Cruise Lines (“Carnival Companies”), for violations of NYDFS’s Cybersecurity Regulation, 23 NYCRR Part 500 (“Part 500”). In addition to the $5 million monetary penalty, the Carnival Companies also surrendered their insurance producer licenses and agreed to cease selling insurance to residents of New York.

According to the Consent Order, between 2019 and 2021, the Carnival Companies were the subject of four separate cybersecurity events, including ransomware and phishing attacks. All four of the cybersecurity events led to the exposure of nonpublic personal information (NPI) of both consumers and employees, including such information as names, addresses, birth dates, passport numbers, and in some instances, other sensitive information such as social security numbers and health information.

Continue reading “New York Department of Financial Services Announces $5 Million Penalty in Most Recent Cybersecurity Enforcement Action”

HHS Ransomware Report Details Revival of Dangerous LOTL Cyberattack

On May 5, 2022, the U.S. Department of Health and Human Services (HHS) issued a report entitled “Ransomware Trends in the HPH Sector” (HHS Report) that reviewed key cybersecurity threats and trends affecting the U.S. healthcare sector.

Continue reading “HHS Ransomware Report Details Revival of Dangerous LOTL Cyberattack”

A Cyber Hygiene Strategy: Cyber Insurance Endorsements

In the insurance industry, an “endorsement” is used to amend an insurance policy. Endorsements can be used to add items to a policy, amend policy provisions, or update an insured’s coverage. Endorsements also can be used to provide directions to third parties with whom an insured can work if a claim is made under a policy.

Continue reading “A Cyber Hygiene Strategy: Cyber Insurance Endorsements”

DISCERNING DATA

A Faegre Drinker Blog Covering the Latest in Privacy, Cybersecurity and Data Strategy

Author: Jane Blaney