Posts tagged Cyber Incident Response.

Last week, the California Attorney General announced its second-ever settlement under the California Consumer Privacy Act, as amended by the California Privacy Rights Act. The settlement was with the online food ordering and delivery platform DoorDash.

In an opinion filed on Friday, California’s Third District Court of Appeal reversed a lower court ruling that postponed until the end of March the enforcement of regulations promulgated pursuant to the California Privacy Rights Act.

The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98 percent of organizations have at least one third-party vendor that experienced a cyber incident within the past two years. With this growing trend, it is increasingly important for organizations to develop robust third-party risk management programs and to consistently review their third-parties to safeguard against security threats and ensure the security and privacy of their data.

The New York Department of Financial Services recently amended its Cybersecurity Regulation. The revisions aim to strengthen cybersecurity and technology controls to address evolving threats to consumer data and ensure the continued integrity of financial systems. Here are a few key elements of the amendments to Regulation and what we think will be their immediate impact on financial institutions.

‘Tis the season for the hustle and bustle of year-end holiday activities. With that comes the increased risk of cybercriminals exploiting the season to find vulnerabilities. This includes taking advantage of increased online transactions, employee vacations, and holiday gift-giving to launch attacks on organizations large and small. Below are some steps companies can consider taking to increase their defenses against the most common holiday cybersecurity threats:

As we near the end of another year, it is time to look ahead to developments in the information security and privacy landscape. One area of particular importance is the development of regulations implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022.

The Constangy Cyber Advisor posts regular updates on legislative developments, data privacy, and information security trends. Our blog posts are informed through the Constangy Cyber Team's experience managing thousands of data breaches, providing robust compliance advisory services, and consultation on complex data privacy and security litigation. 

Subscribe

* indicates required
Back to Page