Dec 06, 2018
With many of the provisions of the New York Department of Financial Services Cybersecurity Regulation now in effect, firms are looking ahead to the March 2019 deadline for meeting the law’s third-party requirements. The Cybersecurity Law Report hosted a complimentary webinar on best practices for compliance with the law. James Shreve, a partner at Thompson Coburn, and Shawn Malone, CEO of Security Diligence, joined The Cybersecurity Law Report’s Rebecca Hughes Parker to discuss, among other topics: regulatory expectations, third-party management challenges, how the regulation’s provisions lay a groundwork for various aspects of a cybersecurity program – such as records management systems and business continuation programs – and strategies for ensuring ongoing compliance.
Jun 04, 2018
Amy Terry Sheehan discussed how to effectively monitor, manage, update and maintain long-term third-party relationships with Kristina Bergman, CEO and founder of Integris Software, Karen Hornbeck, a senior manager at Consilio, and Aaron Tantleff, a partner at Foley & Lardner. They explored from both legal and technical perspectives how to identify potential gaps and overcome challenges with vendors due to changed circumstances, cyber incidents and new requirements and regulations, including the GDPR.
Dec 12, 2017
As demonstrated by recent breaches, the publicity surrounding a cyber incident can cause more damage than just the technical problem itself, raising the stakes on a company’s response. Jill Abitbol delved into cyber crisis communications plans with Siobhan Gorman, director at Brunswick Group, Brian Lapidus, the practice leader of Kroll’s identity theft and breach notification practice, and Seth Harrington, a partner at Ropes & Gray.
Oct 16, 2017
Monitoring data systems and employee digital activity is critical to reducing the significant cybersecurity risks that employees pose, but companies do need to make sure they comply with legal requirements when implementing surveillance programs. Amy Terry Sheehan discussed effective notice, legal considerations, specific policies regarding BYOD, termination and remote employees, how to navigate contrasting rules and approaches in Europe, and more with Mike Pappacena, a managing director at ACA Aponix, Mary Dollarhide, a partner at DLA Piper, and Jennifer Rubin, a member of Mintz Levin.
Sep 18, 2017
Rebecca Hughes Parker discussed balancing convenience with security, innovations in multi-factor authentication, using regulation and guidance, and best practices for implementing and improving online authentication systems with Cassio Goldschmidt, vice president at Stroz Friedberg, Jeremy Grant, managing director at Venable, and Chris Pierson, general counsel and chief security officer at Viewpost.
Feb. 13, 2019
Reducing Risk in the Dawn of Equifax and Other Cyber-Related Securities Fraud Class Actions
Jan. 30, 2019
How Healthcare and Other Industries Can Use the HHS Cybersecurity Practices Guidance
Feb. 6, 2019
Analyzing Early GDPR Enforcement: France
Feb. 13, 2019
Practical Ways to Incorporate Security Protection Into Supplier Agreements
Jan. 30, 2019
Analyzing Early GDPR Enforcement: U.K. and Austria