An updated version of the NIST Cybersecurity Framework is on the way.
In 2013, President Barack Obama directed the National Institute of Standards and Technology (“NIST”) to lead the development of a cybersecurity framework to “reduce cyber risks to critical infrastructure.” The result was the NIST Cybersecurity Framework (formally, the “Framework for Improving Critical Infrastructure Cybersecurity”), a comprehensive, flexible, and scalable approach that provides a structure that can be used by entities to create, guide, assess, or improve their cybersecurity programs. The first version, v1.0, of the CSF was released in February 2014. NIST subsequently released v1.1 of the CSF in April 2018 to clarify, refine, and enhance the framework. Since its release, the CSF has been widely adopted across a range of industries within the United States and internationally.
In Jones v. Google, LLC, a three-judge panel of the U.S. Court of Appeals for the Ninth Circuit held that a district court judge erred in finding that state privacy claims were preempted by the federal statutory framework referred to as the Children’s Online Privacy Protection Act, or “COPPA.” The district court had dismissed a class action brought by children based on allegations “that Google used persistent identifiers to collect data and track their online behavior surreptitiously and without their consent…”
This year’s deadline for filing individual tax returns is April 18.
Malicious actors routinely target human resources professionals, certified public accountants, and individual employees with social engineering attacks during tax season in an effort to obtain copies of Internal Revenue Service Form W-2 (Wage and Tax Statement). Form W-2 contains the information that allows a malicious actor to file false tax returns and steal the refunds. Those who receive, process, or maintain copies of W-2s should be on the lookout for phishing emails and other types of social engineering attempts this tax season.
Welcome to the Constangy Cyber Advisor! Our 44-member cybersecurity and data privacy team is excited to announce we have joined the nationally renowned labor and employment law firm Constangy, Brooks, Smith & Prophete, LLP! As part of this move, the Constangy Cyber Team will regularly post blogs to the Constangy Cyber Advisor about significant data privacy and information security issues. Our blog posts will be informed by the thousands of data breaches we have managed, the dozens of new data breaches we manage each week, the robust compliance advisory services we provide to our clients, and the complex data privacy and security litigation on which we consult with our class action litigators.
The Constangy Cyber Advisor posts regular updates on legislative developments, data privacy, and information security trends. Our blog posts are informed through the Constangy Cyber Team's experience managing thousands of data breaches, providing robust compliance advisory services, and consultation on complex data privacy and security litigation.
Subscribe
Contributors
- Suzie Allen
- John Babione
- Bert Bender
- Jason Cherry
- Christopher R. Deubert
- Maria Efaplomatidis
- Sebastian Fischer
- Laura Funk
- Lauren Godfrey
- Taren N. Greenidge
- Chasity Henry
- Julie Hess
- Sean Hoar
- Donna Maddux
- David McMillan
- Ashley L. Orler
- Todd Rowe
- Melissa J. Sachs
- Allen Sattler
- Matthew Toldero
- Alyssa Watzman
- Aubrey Weaver
- Xuan Zhou