cybersecurity Archives - Page 2 of 3 - Data Privacy and Security™

May 4, 2018 Data Privacy / Emerging Issues

Nearly a 50 percent Increase in Gulf Region Cyberattacks

Gulf Business Machines (GBM) reports a significant increase – from 28 percent in 2016 to 41 percent in 2017 — in hacking events among Gulf-based enterprises. Even so, only 31 percent of regional organizations are concerned about the detection and response to these attacks. At the 2018 Gulf Information Security Expo and Conference in Dubai that took place from May 1-3, 2018, GBM issued its Seventh Annual Cybersecurity Study, which surveyed regional organizations regarding security in the business environment. The survey polled over 600 executives… Continue Reading

September 13, 2017 Regulation

DFS Partially Clarifies Who Qualifies for an Exemption Under Cybersecurity Regulation

By the terms of 23 NYCRR 500.19(e), Covered Entities that have determined they qualify for a limited exemption from compliance under 23 NYCRR 500.19(a)-(d) of New York’s new Cybersecurity Regulation — as of August 28, 2017 — are required to file a Notice of Exemption with the New York Department of Financial Services (NYDFS) on or prior to September 28, 2017. The first compliance date of August 28, 2017 in New York’s cybersecurity regulation, and the date for Covered Entities to determine whether they qualify… Continue Reading

September 29, 2016 Class Action / Cyber Risk / Cybercrime / Cybersecurity

Judge Rules No Standing to Pursue Fear Of “Hacker Harm”

Last week a judge in the Southern District of Illinois trimmed several claims from a class action complaint made against Chrysler and Harman International Industries stemming from a 2015 WIRED magazine article. The July 21, 2015 WIRED article described the author’s experience of being a “digital crash-test dummy, a willing subject on whom [two hackers] could test the car-hacking research they’d been doing over the past year.” Less than two weeks after the article was published, on August 4, 2015, the plaintiffs filed their class… Continue Reading

June 8, 2016 Cyber Attacks / Cyber Breach

Credit Card Payment Coverage Declined: Cyberinsurer Not Obligated to Reimburse P.F. Chang’s for PCI Liability

In the most significant cyberinsurance coverage decision to date, an Arizona federal district court in P.F. Chang’s China Bistro v. Federal Insurance Co., No. CV-15-01322-PHX-SMM (D. Ari. May 31, 2016), granted summary judgment to Federal Insurance Company, acknowledging it had no duty to reimburse P.F. Chang’s China Bistro for payment card industry liability assessments under the CyberSecurity policy issued by Federal to P.F. Chang’s corporate parent. This decision represents a significant victory for cyberinsurers insofar as it upholds insurers’ marketing strategy of making available… Continue Reading

August 21, 2015 Cyber Attacks / Cyber Breach / Cyber Risk / Cybercrime / Emerging Issues

PwC Issues 2015 Cybercrime Survey Results

“It’s been a watershed year for cybercrime,” explains PricewaterhouseCoopers LLC in its 2015 report analyzing data from 500 executives across US businesses, law enforcement and government agencies. The survey and report, co-sponsored by PwC, CSO, Carnagie Mellon University and the United States Secret Service, provides a comprehensive analysis of trends in cybercrime and cyberthreats, as well as security spending and overall manage of these growing business risks. This year, a record 79 percent of respondents detected a security incident during the past 12 months, with… Continue Reading

July 23, 2015 Cyber Attacks / Cyber Breach / Cybersecurity / Legislation / Regulation

New Federal Cybersecurity Legislation and Regulations Proposed in Washington DC

This week, new legislation and regulations have been proposed to address cybersecurity concerns in new automobiles and the nation’s Bulk Electric System. On Tuesday, Senators Edward J. Markey (MA) and Richard Blumenthal (CT) introduced new legislation to address the hacking risks associated with “connected vehicles.” The Security and Privacy in Your Car Act of 2015 would mandate that sensitive software systems be isolated and additional safeguards be added “to protect consumers from security and privacy threats to their motor vehicles”. The legislation followed a 2014… Continue Reading

May 11, 2015 Cyber Attacks / Cyber Breach / Cyber Risk

DOJ Issues Best Practices for Cyber Incident Response

The US Department of Justice, Criminal Division, Cybersecurity Unit has issued a 15-page best practices document “to assist organizations in preparing a cyber incident response plan and…in preparing to respond to a cyber incident.” The document explains in detail steps necessary before, during and after a cyber attack or intrusion, summarized in a “Cyber Incident Preparedness Checklist” (see below). “Any Internet-connected organization” is advised to review and adopt these best practices in order to provide a prompt, effective response to incidents, minimize resulting harm, expedite… Continue Reading

May 8, 2015 Cyber Attacks / Cyber Breach / Cybersecurity / White House

Senator Seeks Answers from President on White House Cyber Attack

Chairman of the Senate Committee on Commerce, Science and Transportation, John Thune, has sent an open letter to President Obama to address the cyber attack on the White House’s unclassified computer system in late-2014. The breach, allegedly by Russian hackers, was according to Senator Thune “more extensive than previously known,” and accessed “a great deal of sensitive information, such as schedules, policy discussions, and e-mails sent and received by” Mr. Obama, “including exchanges with ambassadors.” Following increased attacks across Executive Branch departments and agencies, Mr.… Continue Reading

March 11, 2015 Cyber Attacks / Cyber Breach / Cybercrime / Lawsuit

Hackers Charged with Stealing 1 Billion E-mail Addresses

The U.S. Department of Justice has unsealed indictments against three hackers for having broken into eight email service providers (ESPs), stealing 1 billion email addresses and names, and receiving $2,000,000 for the sale of products to those email addresses through a “spam” sales scheme. According to the indictments filed with the U.S. District Court for the Northern District of Georgia, Canadian David-Manuel Santos Da Silva and Viet Quoc Nguyen and Giang Hoang Vu from Vietnam used an email phishing scheme beginning in 2009 to gain… Continue Reading

January 8, 2015 Cyber Attacks / Cybersecurity / Insurance

Digital Cloning: Hacking Your Fingerprints

While your biometrics may be as unique as a snowflake, they can still be digitally captured, copied and used to gain access to your “secure” computer network and data storage facilities. Using standard photos taken during a press event in October and commercially available software, a 31-year-old member of Europe’s largest association of hackers successfully re-created a digital fingerprint of German defense minister Ursula von der Leyen. The digital print could then be used not only to fool security software, but with the increasing sophistication… Continue Reading