Sponsor Tables Shine at the Cyber Risk Summit In Philly August 6th, 2018   NetDiligence held its 9th annual Cyber Risk Summit on June 12-14th in Philadelphia.  This year, the conference focused on educating attendees on current breach risk management protocols and practical knowledge for cybersecurity insurance brokers, attorneys and Chief Information Security Officers (CISOs). eWhiteHouseWatch had the privilege to cover the conference in its entirety again this year. A conference regular, Nick Economidis of Crum & Forster noted that “the conference has grown tremendously over the past nine years because it features experts from various disciplines and provides real insights.”

By: Frank X. Wukovits 4/5/2018   On March 23, 2018, the Clarifying Lawful Overseas Use of Data [CLOUD] Act was signed into law as a part of the Omnibus Spending Bill. In short, the legislation sets forth a myriad of provisions involving procedures and methods of storage, access, and retrieval of data between the United States and foreign governmental entities. As a result, the CLOUD Act's provisions create a potential (and perhaps inevitable) conflict between privacy and efficient governance.

By: Frank X. Wukovits March 21st, 2018     This past month, the Council of Economic Advisers (CEA) released a report, The Cost of Malicious Cyber Activity to the U.S. Economy. The report identifies and articulates the impact recent cybercriminal behavior has had on the United States economy and identifies several issues impeding sufficient cybersecurity measures. The report details distinct forms of malicious cyber activity and highlights the sectors of the economy that are most vulnerable to such activity. However, the CEA notes that the vernacular used to describe cybersecurity concepts and issues in the report are not uniform and may differ from other reports published in the cybersecurity community. In general, malicious cyber activities involve cybersecurity incidents, which are described as explicit or implied security policy violations. Private and public entities experience various forms of cybersecurity incidents, which essentially intend to compromise an entity’s confidentiality, integrity, and/or availability (CIA).  

Angela M. Cooper January 28th, 2018   On January 28th, 2018 the United States, and many other nations, celebrated National Data Privacy Day. The Data Protection Day celebration in Europe pre-dated the US and Canadian celebrations. Data Protection Day commemorates the signing of the Council of Europe’s Convention 108. The Convention was the first legally binding international treaty dealing with privacy and data protection in history. The treaty was signed and ratified by 51 nations including 9 non-Council of Europe members. While the US did not sign the treaty, they have enacted resolutions for there to be an official day of observance for Data Protection. This day of observance was established in 2009 by the 111th US Congress’ enactment of Senate resolution 25 and House resolution 31. The 2010 version, in Senate resolution 402, “[r]esolved[] that the Senate--

By: Angela M. Cooper 1/17/2018   Recent news has sent Intel stock dropping and cyber-threat analysis upgrading the threat level. The ‘Intel chip’ vulnerability, which allows personal data to be accessible on devices using Intel chips, has been evolving through recent updates. It now includes more than just Intel chips, unlike the original reports seem to indicate. The vulnerability may have been characterized as an ‘Intel’ issue, but it is not limited to Intel’s processor chips. Indeed, the vulnerability is for most processor chips found in most computing devices. Different processors, including AMD and ARM, may have varying levels of vulnerability and are currently under review.

January 9th, 2018 By: Connor Breza   To close out 2017, on December 4th and 5th ALM Media hosted its annual cyberSecure 2017 conference in New York City.  The two day conference, which took a holistic approach to cyber-security, brought together professionals across industries and functions to better prepare corporations and corporate leaders for cyber risks and to “shape policies, risk management strategy, compliance programs, and an organization’s cyber-incident response playbook.”  The event’s main focus was to educate in-house counsel, compliance and privacy officers, technology solution providers, law firms and advisory consulting professionals on ways to improve their preparedness and response time to the growing dangers of cyber attacks that may hinder a business’s functionality, and to provide better strategies to strengthen corporate “cyber resiliency.”