Call 855-808-4530 or email GroupSales@alm.com to receive your discount on a new subscription.
On December 28, the New York State Department of Financial Services (DFS) issued an updated version of its first-in-the-nation cybersecurity regulation after having “carefully considered all comments submitted” during the comment period following the issuance of the original regulation in September. The comments received by the DFS included a strongly worded and detailed letter authored by banking and insurance industry groups. The updated draft is subject to an additional comment period of 30 days and the final version will become effective March 1, 2017. The updated proposed regulation provides significantly more wiggle room than the original version, shifting from an approach that enforces minimum standards to a risk-based approach with increased transition periods for compliance. A few highlights of the changes are summarized below:
In addition to the delayed effective date of March 1 (from January 1)and the default transition period of 180 days to comply (which now runs on August 28, 2017), the DFS has built in longer transition periods for certain sections. New deadlines include:
By Bart A. Lazar
The confusing and conflicting world of contractual requirements and personal data security breach notification laws can add insult and expense to injury, and sometimes adds injury itself. Tough -- and sometimes expensive -- choices need to be made quickly.
By Robert W. Anderson and Eric B. Levine
Critical to any counsel working to prevent a cyber-attack or respond to a successful cyber intrusion is an understanding why and how to properly utilize both attorney-client and work-product privilege. The overriding principle of using privilege is straightforward: to protect your organization’s investigation and breach response efforts from usage by third parties or regulatory agencies in litigation arising from a breach.
By Adam Cohen
Part One of a Two-Part Article
Part One of this two-part article is aimed at demystifying the hesitations behind cloud security and analyzing the fast-growing transformation to a range of newer technical approaches with important consequences for legal practice.
By Jared Coseglia
Part Two of a Two-Part Article
Professionals in e-discovery and privacy, including lawyers, are hungry for growth opportunities and may be ripe to transition into certain security-centric positions; however, the security job landscape is far more expansive and far less commoditized than ESI or privacy — for now. Part Two provides a road map for how certifications can assist an individual or an organization in reinventing, repurposing, creating or maintaining cybersecurity talents.