Peter Marta, Jasmeet Ahuja, and Asmaa Awad-Farid of Hogan Lovells write: Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act…
Category: State/Local
New York state school districts face deadline to improve cyber security
Celia Watson Seupel reports: Protecting Saugerties school district data from hackers could cost $70,000 annually — money that’s “not going to improve the quality of education,” Board of Education Trustee Krista Barringer said. […] Protecting school district data from hackers has become mandatory. A new regulation adopted by the state Board of Regents took effect Jan. 29,…
Mississippi Public School Districts May Not Be Ready to Comply with New Statewide Cybersecurity Requirements
Adam V. Griffin and James A. Keith of Adams and Reese LLP explain: The Mississippi Department of Education (MDE) is seeking public comment on a proposed rule pertaining to cybersecurity that will require Mississippi public school districts to take substantial actions to prepare. The rule would require each district to: Implement 22 enumerated policies related…
Bipartisan bill in Congress proposes cybersecurity coordinators for every state
Fahmida Y. Rashid writes: A bipartisan group of Senators are interested in establishing a cybersecurity leader for each state in order to increase the states’ abilities to respond to cyberattacks. Sen. Maggie Hassan (D-NH), the lead sponsor of the bill, highlighted the wave of ransomware attacks which have crippled cities and government entities in recent…
N.Y. Senator Carlucci Introduces Bill That Prohibits Paying Ransom
Security Magazine reports: New York Senator David Carlucci introduced Senate Bill S7289 that would ban the paying of ransom. The bill prohibits municipal corporations or other government entities from paying ransom in the event of a cyber-attack against them. In addition, the bill defines a cyber attack as “a virtual attack against the critical infrastructure, as defined in subdivision five of section eighty-six of…
PA Bill Tracker: Allowing victims of data breaches to sue companies that didn’t secure information
Daniel Walmer reports on a bill proposed in the Pennsylvania legislature: House Bill 1010, introduced by Solomon, would change that. Under the bill, victims of data breaches could sue for $5,000 per violation or more if their actual losses were more than $5,000. The attorney general’s office can also seek civil penalties up to $10,000….