Standard Post with Image

European Union Commissioner for Justice, Consumers and Gender Equality releases an interview on the US – EU future on the Privacy Shield

The European Union Commissioner for Justice, Consumers and Gender Equality, Ms. Věra Jourová, has released an interview to Bloomberg Technology where she accentuates that the EU expects continuity from President Trump’s Administration on the Privacy Shield agreement.

Read more about the interview from Bloomberg
Standard Post with Image

Law Firms can be subject to the NY Cybersecurity Regulation because “service providers” without their knowledge

On March 1, the Regulation on Cybersecurity Requirements for Financial Services of the Department of Financial Services of New York has come into force.  Section 500.11 Third Party Service Provider Security Policy of the Regulation could very well be applied to at least some law firms since they might fall into the definition of “service providers”.
Should this be the case, as covered entities they should develop and written policies and procedures to identify and assess risks, implement minimum cybersecurity practices, implement due diligence processes to evaluate the adequacy of cybersecurity practices, and conduct periodic assessments.

Read the text of the Regulation
Standard Post with Image

A Bank of Italy report on the risk of cyberattacks against small businesses indicates that one third of them suffered damages from such attacks

The Bank of Italy has published a report that focuses on preliminary evidence on the risk of cyber-attacks in the private sector.  It is an annual survey spanning from September, 2015 to September, 2016 on companies with more than 20 employees in industry and non-financial services.

The report is available here
Standard Post with Image

U.S. Chicago District

The U.S. Chicago District Judge Edmond E. Chang has issued a Memorandum Opinion and Order that Google Inc. is subject to claims because, when gathering and storing biometric data of millions of users without their consent, it violated their privacy.
A similar case is pending in front of the San Francisco Federal Court against Facebook Inc.

Read More
Standard Post with Image

Italian Association for IT Security (CLUSIT)

The Italian Association for IT Security (CLUSIT) released its 2016 report on 22.02.2017, which indicated that 2016 was “the worst year ever in terms of the evolution of the cyber threat and the relative impact”.  CLUSIT reports that in 2016, phishing attacks increased to a rate of 1,166% with respect to the previous year.  The report states that the highest increase was registered in the health sector (+ 102% over 2015), large-scale retail (+ 70% over 2015), and banking and finance (+ 64% over 2015).

Read More