New York is the latest state to adopt a law that requires businesses that collect private information on its residents to implement reasonable cybersecurity safeguards to protect that information. New York now joins California, Massachusetts and Colorado in setting these standards. New York’s law mandates the implementation of a data security program, including measures such

On May 9, 2019, the United States Department of Justice announced the indictment of two Chinese Nationals as members of a sophisticated hacking group responsible for the hack of Anthem, Inc. and other unnamed U.S. based large technology, communications and basic materials companies. The hack resulted in the breach of personally identifiable information of over

We published an article with NYSBA Labor and Employment Law Journal, titled “Employee Threats to Critical Technologies Are Best Addressed Through a Formalized Insider Threat Risk Assessment Process and Program.” With the New York State Bar Association’s permission, we have linked it here.

It is highly likely that the National Association of Insurance Commissioners (“NAIC”) will adopt a model data cyber security law premised largely on the New York State Department of Financial Services (“NYSDFS”) cyber security regulations.  Recently, we discussed the NYSDFS’ proposed extension of its cyber security regulations to credit reporting agencies in the wake of