Seen on NACS: Last Friday, NACS and a group including eight other trade associations sent a letter to every U.S. Senator articulating the priorities of the associations in the context of data breach or data security legislation. The Senate has indicated that it might consider cybersecurity information-sharing legislation on the floor this coming week and if so,…
Category: Federal
New German cyber security law to protect critical infrastructure
Neil Ford explains: Germany has passed a new IT security law requiring critical infrastructure institutions to implement minimum information security practices or face fines of up to €100.000. The new law, which was drafted last August, was passed by the Bundestag last month and has now been passed by Germany’s upper house, the Bundesrat. It gives…
National Association of Attorneys General: Federal Data Breach Legislation Should Not Preempt States
The National Association of Attorneys General (NAAG) sent a letter today to congressional leaders urging them to ensure that federal data breach legislation preserves states’ ability to enforce state laws in order to protect consumers from data breaches and identity theft. Most of the federal bills related to data security and data breach notification pending…
ALERT: NIST Issues Final Guidance on Federal Contractor Cybersecurity Standards for Controlled Unclassified Information
Alexander Major of Sheppard Mullin writes: On June 19, 2015, the National Institute of Standards and Technology (NIST) published the final version of guidance for federal agencies to ensure sensitive information remains confidential when stored outside of federal systems. The guidelines, Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, apply to…
Lawyers and ethical hackers weigh in on Astros hack
Robert Patrick interviews a number of attorneys and white-hat hackers about whether the government is likely to pursue charges under the Computer Fraud and Abuse Act in this piece in the St. Louis Post-Dispatch.
House OGR questions FTC’s Ramirez about standards for data security
In a hearing yesterday, Rep. Darrell Issa of the House Committee on Oversight and Government Reform questioned FTC Chairwoman Edith Ramirez about standards for data security enforcement. And although I often disagree with Rep. Issa, I do agree that entities need to know what they need to do to have safe harbor from an FTC enforcement…