Call 855-808-4530 or email GroupSales@alm.com to receive your discount on a new subscription.
New York is poised to become the first state in the nation with comprehensive cybersecurity regulation and reporting requirements applicable to the entire financial services industry, with only very limited exemptions. 23 NYCRR 500 (the Regulation) will require banks, insurance companies, and other financial institutions regulated by the New York State Department of Financial Services (DFS) to establish and maintain a cybersecurity program designed to protect consumers and the stability of New York’s financial services industry. The Regulation was designed to promote the protection of customer information as well as the underlying information technology systems of regulated entities in light of the ever-increasing threat of cyber attacks. It requires assessment of specific risk profile and design of program addressing risks, for which senior management is responsible including annual certification of compliance.
By Matthew Calcagno
The documents that a firm produces are its greatest asset, yet firms historically have not made sufficient efforts to safeguard those documents from both internal and external threats. Law firms have typically had an open-door approach to document access. This means that anyone in your firm can likely access any document at any time, leaving your firm’s intellectual property entirely unprotected.
By Sean Wieber, Patrick O’Meara and Eric Shinabarger
The BIPA compliance lag has led companies using or collecting biometric information to consider how far back their liability may extend. The Illinois General Assembly, however, did not include an explicit statute of limitations period in BIPA. As a result, the statute of limitations has become one of BIPA’s primary battlegrounds as litigants argue about potential class sizes and damages awards.
By Alan L. Friel
Part Two of a Two-Part Article
Part One of this article, last issue, covered how the CCPA applies to businesses — both in and outside California, the revenue threshold, proposed amendments and other open issues. Part Two continues with the rights that CCPA grants to Californians, the CCPA’s impact on company privacy policies, how other states’ privacy laws compare to the CCPA, exceptions and penalties for violating the Act.
By Christine Simmons and Xiumei Dong
“It’s Not the Hardware You Worry About, It’s the Mistake That Someone Makes That Inadvertently Gives a Bad Actor Access.”
The legal industry has poured significant resources into cybersecurity, leading to huge leaps in progress in the last decade. But there are areas where large and small law firms can do much better in preventing and reacting to data breaches, and the legal sector may risk falling behind other industries. That’s partly because hackers are learning how to circumvent law firm security systems, leading to a continuous game of cat and mouse.