CHAIRWOMAN ROSENWORCEL CIRCULATES NEW DATA BREACH REPORTING REQUIREMENTS Proposal is a Response to Recent Security Breaches in the Telecommunications Industry — WASHINGTON, January 12, 2022—Today Federal Communications Commission Chairwoman Jessica Rosenworcel shared with her colleagues a Notice of Proposed Rulemaking (NPRM) that would begin the process of strengthening the Commission’s rules for notifying customers…
Category: Federal
FTC Finalizes Order with Mortgage Analytics Firm, Requiring it to Strengthen Security Safeguards, Increase Oversight of Vendors
In December, 2020, the FTC announced a proposed settlement with Texas-based Ascension Data & Analytics after a security breach involving one of its vendors resulted in the exposure of, and unauthorized access to, consumers’ mortgage applications. One year later, the settlement received final approval, as the FTC announced on December 22: The Federal Trade Commission…
Indian authorities set to tighten data breach laws in 2022
Stephen Pritchard reports: Authorities in India are set to clamp down on data breaches and tighten rules for holding sensitive data, according to local media reports. Organizations will be forced to disclose data breaches within 72 hours, bringing India in line with territories such as the EU, which mandates breach disclosures under its General Data Protection Regulation…
TSA issues security rules for rail operators
Lindsey O’Donnell-Welch reports: New cybersecurity requirements from the Transportation Security Administration (TSA) give freight railroads, passenger rail and rail transit operators a 24-hour deadline for reporting security incidents. Starting on Dec. 31, “high-risk” operators and owners across the rail sector must take a number of steps to bolster the cybersecurity of their systems. They must…
Huge fines and a ban on default passwords in new UK law
Jane Wakefield reports: The government has introduced new legislation to protect smart devices in people’s homes from being hacked. Recent research from consumer watchdog Which? suggested homes filled with smart devices could be exposed to more than 12,000 attacks in a single week. Default passwords for internet-connected devices will be banned, and firms which do…
Overview of Legislations on Cybersecurity, Personal Data Protection and Computer Misuse
The Cyber Security Agency of Singapore (CSA) had collaborated with the PDPC and Singapore Police Force (SPF) to develop a handbook covering an overview of the Cybersecurity Act, Computer Misuse Act and Personal Data Protection Act. The handbook explains the three different legislations and how they work in tandem, illustrated through examples of data breaches….