Articles Posted in Cybersecurity and Privacy

Posted

TAKEAWAYS: The European Union Court of Justice (“CJEU”) to rule on the validity of Model Contractual Clauses (“MCCs”) following referral by the Irish High Court. The Irish High Court has “well-founded” concerns that there is no effective remedy in US law for EU citizens whose personal data is transferred to the United States and the […]

Posted

The increasing number of software supply chain compromises represents a significant weakness that should be top of mind for security professionals. Regardless of your firm’s core business, chances are they rely on and are connected to a range of software provider’s electronic distribution channels for acquiring initial licenses or software updates. Any such electronic access, […]

Posted

A number of major carriers have suffered high-impact IT events in the past several months. Estimates of losses in these cases have exceeded £100m. This is on top of (no doubt significant) remedial costs, reductions in share price and reputational damage. Such high-impact events are, in theory, unlikely to occur—the result of a series of […]

Posted

According to PwC’s latest biennial Global Economic Crime Survey, cyber-crime is up 20 percent since 2014 and more than half of the firms surveyed expect to become the victim of a cyber-crime in the next two years, although a third reported that they have no plan to address a cyber-incident. While we are used to […]

Posted

Effective March 1, 2017, first-in-kind regulations issued by the New York Department of Financial Services (New York DFS) will begin to affect a wide array of both depository and non-depository financial institutions. The new regulations will cascade certain requirements upon these financial institutions’ third-party service providers, requiring the financial institutions to take a close look […]

Posted
Posted by

The UK’s financial services regulator, the Financial Conduct Authority (FCA), has recently published summaries of the responses it received to a Call for Inputs (CfI) on the use of big data in the retail general insurance (GI) sector as well as outlining its responses to the issues raised. Insurance companies, which are increasingly using big […]

Posted

As stated by Wired, “It’s all the standard advice you’d give a tech novice,” aptly sums up the White House’s Cybersecurity National Action Plan (CNAP) that President Obama unveiled on February 9, 2016. Announced as part of the President’s overall budget proposal, CNAP is a plea within the federal government to implement a sturdier foundation […]

Posted

Retirement plan sponsors face ever-evolving cyber-related threats to plan assets and participant personal information. To combat such threats, plan sponsors should proactively assess the third-party service providers’ ability to detect, prevent and respond to cyberattacks against the retirement plan. In order to minimize a retirement plan’s overall cyber risk profile, its sponsor(s) must implement a […]

Posted

This blog is the second part of a two-part series on key contracting issues with technology service providers, and the focus is specifically geared toward companies doing business in the real estate industry. As noted in Part 1, technology has infused every sector of society, and the real estate business is no different. Firms running […]

Posted

Managed security services are often a natural “add-on” when outsourcing IT services given that data protection is integral to application development, software as a service, and cloud storage, among other services. More recently, managed security services has become a “niche” sourcing alternative that many companies are considering as they seek to leverage supplier’s expertise in […]