Privacy and Security Law – The New Normal

Showing 22 posts in Cybersecurity.

Privacy Laws Heating Up Across the US

Posted In Cybersecurity, Data Privacy, Data Security, Privacy

Face recognition application

2021 may be the year that privacy legislation explodes across the US.  Already, several states including New York, Virginia, and Washington have introduced some form of privacy legislation (many are re-introducing bills that did not pass in 2020).  

Continue reading Privacy Laws Heating Up Across the US ›

California Privacy Rights Act to Spur Additional Privacy Compliance Efforts

Posted In CCPA, Cybersecurity, Data Privacy, Data Security, Privacy

CCPA

Many businesses devoted substantial resources to privacy compliance in 2020, thanks to the California Consumer Privacy Act (CCPA).  They will be rewarded for that effort: during the fall election, Californians approved a ballot initiative that will strengthen the CCPA, dedicate billions of state dollars to privacy enforcement, and create a new enforcement agency for personal privacy rights.

Continue reading California Privacy Rights Act to Spur Additional Privacy Compliance Efforts ›

Threat Actor in Iran Acting Against Certain VPN Products

Posted In Cybersecurity, Privacy

The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have published a warning regarding attacks to certain VPN products by a known threat actor based in Iran.  The CISA warning is here for reference.  Once it has attacked the specified vulnerabilities, the threat actor is able “to gain initial access to targeted networks and then maintained access within the successfully exploited networks for several months using multiple means of persistence,” according to CISA. 

Continue reading Threat Actor in Iran Acting Against Certain VPN Products ›

EU Data Transfers Under Fire

Posted In Cybersecurity, Data Privacy

News emerged this week that the Irish data authority will order Facebook to stop use in the US of data and information about Irish residents. This development is part of a long-running saga between the EU and the US about what constitutes “adequate” protection of personal data about European individuals. If your company has employees, customers, or suppliers in Europe and relies on contracts, government certification, or other formal mechanisms to allow you to use data about those individuals on systems located in the US, the Facebook news and related issues may be relevant.

Continue reading EU Data Transfers Under Fire ›

New Phishing Scam Targeting Remote Workers

Posted In Cybersecurity, Data Privacy, Data Security

The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning regarding a new “voice phishing” scam arising from the massive shift to teleworking during the pandemic. Under the new scheme, threat actors posing as the company IT department call workers and request usernames and passwords for the company’s systems in order to log into a new VPN link. The “bad guys” then have access to the company’s existing VPN and log in as if they are legitimate employees.

Continue reading New Phishing Scam Targeting Remote Workers ›

Clearview AI Sued for Civil Rights Violations in Facial Recognition Data Breach

Posted In Cybersecurity, Data Privacy, Data Security

Facial Recognition

The temperature is rising in the data breach arena.  Clearview AI, which produces facial recognition technology widely used by law enforcement, suffered a massive data breach last month.

Continue reading Clearview AI Sued for Civil Rights Violations in Facial Recognition Data Breach ›

CCPA Regulations One Step Closer

Posted In Cybersecurity, Data Privacy, Data Security

Person filling out form information on computer

The California Attorney General, complying with the terms of the California Consumer Privacy Act (“CCPA”), has released a new draft version of implementing regulations for that Act. 

Continue reading CCPA Regulations One Step Closer ›

Corona Virus Scams Online: Remind Employees to Be Aware

Posted In Current Events, Cybersecurity, Data Privacy, Data Security

Corona Virus Scams

Every crisis is an opportunity for bad guys, it seems. The FTC issued a warning yesterday that can be found here.

It is a good idea to remind employees that they may see an upsurge in scam activity due to current events and remind them about personal and professional vigilance.

Continue reading Corona Virus Scams Online: Remind Employees to Be Aware ›

Corona Virus and Remote Work: Check Your Systems Now

Posted In Cybersecurity, Data Security

Remote Worker

If are considering remote working arrangements for all or part of your employee pool due to Covid-19, now is the time to make sure your remote systems are secure.  Adding remote capabilities requires extending your network’s connectivity, potentially adding multiple new devices to your network, and considering workflow and security measures when workers are not under your roof.  All of these measures add vulnerability to any system.  In order to protect your own company data as well as private information of individuals, it is helpful to have a plan in place earlier rather than later. 

Continue reading Corona Virus and Remote Work: Check Your Systems Now ›

Corona Virus and Data Privacy: Caution for International Companies

Posted In Cybersecurity, Data Privacy, Data Security

Corona for International Companies

The spread of corona virus is making headlines for economic, health, and political reasons.  Business-focused news also makes note of the impact of corona on international corporate travel planning.  One other aspect of corona is worth noting for companies with international operations, however: data privacy.  Many companies abroad are asking employees to declare whether they have been tested for corona, and/or what the test results show. 

Continue reading Corona Virus and Data Privacy: Caution for International Companies ›

Stay Connected

Subscribe to blog updates via email

Contributors