On April 15, 2015, the Payment Card Industry Security Standards Council (PCI-SSC) updated the PCI Data Security Standard (PCI-DSS) from version 3.0 to version 3.1. The new version is effective immediately. PCI DSS Version 3.0 will be retired on June … [Read more] about PCI-DSS Standard Updated To Address SSL Vulnerabilities
FCC Adopts Consent Order with AT&T Over Alleged Data Security Violations
The Federal Communications Commission (FCC) announced on April 8 that it had adopted a consent decree between its Enforcement Bureau and AT&T Services, Inc. (AT&T), including a civil penalty of $25 million and a requirement to adopt a … [Read more] about FCC Adopts Consent Order with AT&T Over Alleged Data Security Violations
Kim Peretti and Dominique Shelton Speaking at Georgetown’s 2015 Cybersecurity Law Institute
Kim Peretti and Dominique Shelton will be featured speakers at the 3rd Annual Cybersecurity Law Institute, hosted by Georgetown Law Continuing Legal Education, and co-sponsored by the American Bar Association Cybersecurity Legal Task Force, Bloomberg … [Read more] about Kim Peretti and Dominique Shelton Speaking at Georgetown’s 2015 Cybersecurity Law Institute
New York State Regulator to Examine Insurers on Cybersecurity Following Comprehensive Risk Assessments
On March 26, 2015, Benjamin Lawsky, Superintendent of the New York State Department of Financial Services (DFS), sent a letter to the CEOs, General Counsel, and Chief Information Officers of all insurers doing business in the state to inform them of … [Read more] about New York State Regulator to Examine Insurers on Cybersecurity Following Comprehensive Risk Assessments
FFIEC Issues Warnings on Malware and Cyber Attacks
The Federal Financial Institutions Examination Council (FFIEC) has issued two joint statements warning of specific cyber risks. The warnings, which were issued on March 30, 2015, address risks arising from destructive malware, which can destroy … [Read more] about FFIEC Issues Warnings on Malware and Cyber Attacks