On October 27, 2021, the FTC released its much-anticipated final revisions to the Gramm-Leach-Bliley Safeguards Rule (Safeguards Rule or Final Rule), following a 3-2 vote along party lines and also released a notice of proposed rulemaking that would require reporting to the FTC of certain cybersecurity events. Revisions to the Safeguards Rule Effective since 2003, […]
Cybersecurity
Treasury FinCEN Releases Financial Trend Analysis of Ransomware Trends in 2021
By Kim Peretti, Brian Frey, and Kristen Bartolotta On October 15, 2021 the Financial Crimes Enforcement Network (FinCen) of the Treasury Department issued a financial trend analysis on ransomware relating to Bank Secrecy Act (BSA) reporting filed in the first half of this year. FinCEN examined ransomware-related Suspicious Activity Reports (SARs) filed between January 1 […]
Department of Justice Announces New Civil Fraud Cybersecurity Enforcement Team
On October 6, 2021, Deputy Attorney General Lisa O. Monaco announced the launch of the Department of Justice’s Civil Cyber-Fraud Initiative. The Department plans to use civil enforcement tools to “pursue…those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards.” Stating the Department will pursue “very hefty fines,” […]
California Federal Court Dismisses Data Security-Related Securities Fraud Class Action
A California federal court has dismissed a putative securities fraud class action alleging that a large title insurer that disclosed a data security incident in May 2019 made false and misleading statements related to its data security practices and the incident. The dismissal follows the June 2021 settlement of a related Securities & Exchange Commission […]
Biden Administration To Issue Cybersecurity “Performance Goals” For Critical Infrastructure
Yesterday, the Biden Administration issued a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems (“Memorandum”). A short summary is below. However, the primary take away is that the government will be establishing preliminary cybersecurity performance goals for certain industries no later than September 2021. While we do not yet know what these […]