Mark Young and Paul Maynard of Covington and Burling write: UKG) proposals for new, sector-specific cybersecurity rules continue to take shape. Following the announcement of a Product Security and Telecommunications Infrastructure Bill and a consultation on the security of apps and app stores in the Queen’s Speech (which we briefly discuss here), the UKG issued a…
Category: Legislation
LEAK: European Commission to introduce cyber requirements for Internet of Things products
Luca Bertuzzi reports: The proposal for a Cyber Resilience Act that will be presented next week will mandate baseline cybersecurity standards for all connected devices and stricter conformity assessment procedures for critical products, according to a draft seen by EURACTIV. The proposal is trying to address the widespread vulnerabilities in the booming Internet of Things (IoT)…
South Korea to ban 16 unregistered overseas crypto exchanges
FE Digital Currency reports: South Korea’s Financial Services Commission (FSC) has reported 16 foreign crypto exchanges to investigative agencies for violating the Specific Financial Information Act, Cryptoslate reported quoting news1. As per the report, the 16 companies have reportedly been offering crypto services to Koreans and conducting events geared toward Koreans despite the law prohibiting…
Patchwork of US State Regulations Becomes More Complex as Florida, North Carolina Ban Ransomware Payments
Scott Ikeda reports: The issue of banning ransomware payments has been contentious and hotly debated in governments throughout the world in the last few years, particularly as the problem seemed to grow out of control during the Covid-19 pandemic. In the US, the federal government has come down on the side of allowing payments but adding increasingly…
New York Becomes First State to Require CLE in Cybersecurity, Privacy and Data Protection
By Hunton Andrews Kurth’s Privacy and Cybersecurity On June 10, 2022, New York became the first state to require attorneys to complete at least one credit of cybersecurity, privacy and data protection training as part of their continuing legal education (“CLE”) requirements. The new requirement will take effect July 1, 2023. The New York State…
US regulator urges MFA and puts banks on notice – not reasonably protecting data is illegal
Jim Nash reports: A U.S. consumer finance regulator has published a circular warning that insufficient security for consumer biometric and other personal data is illegal under federal law. Multi-factor authentication is singled out as a method of making data security sufficient. Anyone reading that who still thinks it will never happen to them is invited…