On November 18, the U.S. Department of Defense (“DoD”) published a final safeguarding rule (the “UCTI Safeguarding Rule”) applicable to contractors in possession of unclassified yet nonpublic technical information (“UCTI”) that requires them to, at a minimum, satisfy the security controls specified in NIST Special Publication (SP) 800-53 in order to safeguard UCTI. Additionally, the UCTI Safeguarding […]
AvMed’s Novel Data Breach Settlement- First Time Payment to Plaintiffs Who Have Not Suffered Identity Theft as a Result of Data Breach
Recently, AvMed agreed to pay $3 million in a data breach settlement. What sets this apart from other data breach settlements is Plaintiffs who have not suffered identity theft as a result of the breach may nevertheless collect from the Settlement Fund. Plaintiffs who did not suffer identity theft claimed they were injured by overpaying […]
Kim Peretti to Speak at the 2013 New York County District Attorney’s Office Fall Symposium
On November 19, Kim Peretti, co-chair of the firm’s Security Incident Management & Response team, will participate as a featured speaker in the New York County District Attorney’s Office 2013 Fall Symposium, “Financial Crimes and Cybersecurity.” She will speak at the session “Cyber Developments in the Financial Industry.”
NIST Releases Preliminary Cybersecurity Framework
October 22, 2013, the National Institute for Standards and Technology (NIST) posted a preliminary cybersecurity framework (the “Framework”) on its website. The complete Framework had been expected to be unveiled earlier in October, but was delayed as a result of the federal government shutdown. For background on earlier activity with respect to the Framework, please see the […]
Kim Peretti Interviewed by BankInfoSecurity about Her Discussion at the 2013 Fraud Summit
On October 22, Alston & Bird’s Kim Peretti, Security Incident Management & Response Team co-chair, spoke at the 2013 Fraud Summit in a session titled “Post-Fraud Investigation: Effective, Efficient, Defensible.” Her presentation focused on how organizations must ensure they are prepared to respond effectively, efficiently and defensibly when they detect fraudulent activity. Following the conference, […]