The National Institute of Standards and Technology recently released its guidance on the proliferation of mobile-related threats to network security. NIST’s recent guidance can be found here: http://csrc.nist.gov/publications/drafts/nistir-8144/nistir8144_draft.pdf.
Yesterday, the New York State Department of Financial Services (“DFS”) released draft regulations on cybersecurity potentially effecting all entities licensed or permitted by DFS. The DFS Press release is here: http://www.dfs.ny.gov/about/press/pr1609131.htm and the draft regulations can be found here: http://www.dfs.ny.gov/legal/regulations/proposed/rp500t.pdf. DFS first announced its intention to issue these regulations in a letter to federal regulators in November 2015, seeking collaboration with the relevant federal authorities.
F. Paul Greene, Partner and Chair of the Privacy and Data Security Practice Group at Harter Secrest & Emery, joined the panel for the Building Blocks of Cyber Security event hosted by Innovative Solutions, Logical Operations and Lawley Insurance on September 13, 2016.
On October 5th at 2:30 pm HSE Partner and Chair of the Privacy and Data Security Practice Group, F. Paul Greene, will be speaking at the Rochester Security Summit 2016 at the Hyatt Regency hotel in Rochester, NY.
In our first post in this series, we discussed the origins of the NIST Cybersecurity Framework and gave our assessment that the Framework would serve not only as a helpful tool for companies looking for support in securing their networks, but also as a guidepost for best practices in the realm of data security. Recent guidance published by the FTC gives credence to this assessment. In a blog post made available to the public just last week (available here), the FTC discussed the Framework and noted favorably that its “functions signify the key elements of effective cybersecurity.” This post discusses the importance of the FTC’s insight and identifies the Framework’s “Core” components.