Kim Peretti, co-chair of Alston & Bird’s Cybersecurity Preparedness & Response Team, has been invited to be a co-chair of Georgetown’s Cybersecurity Law Institute. The Cybersecurity Law Institute is in its third year and Ms. Peretti has been an advisory board member of the Institute for the past two years. In that time, she has already […]
Cybersecurity
Kim Peretti Speaking at NIST’s 2015 Cybersecurity Innovation Forum
Kim Peretti, co-chair of Alston & Bird’s Cybersecurity Preparedness & Response Team, will be a featured speaker at the 2015 Cybersecurity Innovation Forum (CIF) in Washington, DC, hosted by The National Institute of Standards and Technology (NIST). The CIF takes place September 9 – 11 and is a three-day event being planned with participation from the Department […]
Third Circuit Affirms FTC’s Authority to Regulate Data Security
On August 24, 2015, the Third Circuit affirmed U.S. District Court Judge Esther Salas’ April 2014 ruling in FTC v. Wyndham Worldwide Corp., et al. (“Wyndham”) that the FTC has the authority to regulate private companies’ cybersecurity practices under Section 5 of the FTC Act. (Prior blog posts on this case can be found here […]
Amended Washington Data Breach Law Requires Attorney General Notification, Imposes 45-Day Notice Time Limit
Earlier this year, Washington passed an amended version of its data breach notification law, which goes into effect Friday July 24, 2015. Washington’s updated breach notification statute will now, among other things, require compromised entities to notify the state Attorney General (AG) in some circumstances, and require notification to both consumers and, as applicable, the […]
PCI Security Standards Council Issues New Supplementary Compliance Requirements for the Data Security Standard
The Payment Card Industry (“PCI”) Security Standards Council (“SSC”) recently published a supplement to the PCI Data Security Standard (“DSS”) that will require certain Designated Entities to comply with an additional set of compliance-based requirements. The additional requirements, called the “Designated Entities Supplemental Validation,” or DESV, are designed to “help organizations make payment security part […]