Author Archives: James M. Paulino II

Mandatory Reporting and “Cyber Mission Forces” Created in 2015 National Defense Authorization Act (NDAA)

Beyond appropriating $560,000,000,000 for military spending for 2015, the Defense Authorization Act passed this month expands the role of the military in wide range of areas, including strategic programs in outer space, budgeting and accounting for a new “cyber mission” major force program category, and new mandatory reporting of “cyber incidents” by government contractors and agencies. Title XVI, Subtitle C of the Senate Amendment to H.R. 3979, “Cyber-Related Matters,” first directs the Secretary of Defense to submit with the 2017 budget a new program for…

Continue Reading....

Cybsersecurity Starts at the Top

This summer, the Federal Financial Institutions Examination Council (FFIEC), made up of the FED Board of Governors and FDIC, among others, conducted a Cybersecurity Assessment at over 500 community financial institutions to evaluate their ability to handle cyber risks.  While the data is still being analyzed in order to assist with future guidance and regulations, last month the FFIEC Cybersecurity Assessment’s “General Observations” were released. What is striking about the General Observations, which are not to be construed as guidance, is that they call out…

Continue Reading....

Are Third-Party Vendors the Weakest Link in your Cyber Security Chain?

So, you’ve invested in a top-rate data security system, and hired the best CISO (Chief Information Security Officer) imaginable, but have you ever audited the security of the computers used by your attorneys and accountants…to whom you disclose your company’s most confidential and sensitive information? Well, you should. As recently reported in the Wall Street Journal, today’s largest financial institutions are now putting law firms to the test when it comes to the security of the information provided to their attorneys. And, rightly so, as…

Continue Reading....