Hunton Privacy

JUNE 9, 2015

179 (the “Bill”), which expands the definition of “personal information” in the state’s data security law. In addition, although Nevada’s data security law previously excluded “publicly available information. On May 13, 2015, Nevada Governor Brian Sandoval (R-NV) signed into law A.B. View the text of the Bill.

Insurance 49

Insurance Passwords Access Security 49

Data Protection Report

FEBRUARY 5, 2018

On 29 December 2017 the Standardization Administration of China issued an Information Security Technology – Personal Information Security Specification ?GB/T Expanded scope of personal information. GB/T 35273-2017?(the the “Specification”), which will come into effect on 1 May 2018.

Information Security 40

Information Security Security Compliance Personal data 40

Data Protection Report

AUGUST 27, 2018

This blog focuses on the CCPA’s broad definition of Personal Information. Stay tuned for additional blogs and information about our upcoming webinar on the CCPA. The California Consumer Privacy Act (“CCPA” or the “Act”) sets a new precedent with its sweeping definition of Personal Information (“PI”).

GDPR 40

GDPR Privacy Data breaches Sales 40

Troy Hunt

MAY 31, 2018

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen???? jamver) May 31, 2018. Yes, that guy is wearing a cape, it was a Star Wars thing.).

Information Security 55

Information Security Security Data breaches IT 55

Hunton Privacy

DECEMBER 22, 2023

Operators also would be required to implement a written children’s personal information security program. Prohibiting the conditioning of participation on personal information collection.

Privacy 72

Privacy Data Privacy Education Information Security 72

Hunton Privacy

JUNE 9, 2022

The Vermont Insurance Data Security Law applies to “licensees”—those licensed, authorized to operate or registered, and those required to be licensed, authorized or registered, under Vermont insurance law, with few exceptions. Information Security Program Requirements.

Insurance 107

Insurance Security Information Security Cybersecurity 107

Security Affairs

JANUARY 3, 2024

When the victim clicks on a link that appears to be legitimate, they’re redirected to the attacker’s website, where malicious JavaScript is executed in the client’s browser or where they are prompted to enter sensitive information. All attackers need to do is modify the URL value to redirect to a malicious site.

Phishing 123

Phishing Manufacturing Access Information Security 123

Hunton Privacy

OCTOBER 11, 2010

On September 28, 2010, the German Federal Office for Information Security , (the Bundesamt für Sicherheit in der Informationstechnik or “BSI”) released a draft framework paper on information security issues related to cloud computing. The paper addresses the following issues: The definition of cloud computing.

Information Security 40

Information Security Paper Cloud Security 40

Hunton Privacy

MAY 25, 2023

Specifically, the FTC’s proposed amendments would: (1) clarify the Rule’s scope, revising several definitions to explain the Rule’s applicability to health apps and similar technologies not covered by HIPAA; (2) amend the definition of “breach of security” to clarify that it includes data security breaches and unauthorized disclosures; (3) revise the (..)

Cybersecurity 61

Cybersecurity Marketing Access Security 61

Hunton Privacy

MARCH 3, 2023

The bill proposes to amend the Gramm-Leach-Bliley Act (“GLBA”) by making the following changes: Financial institutions would need to notify “consumers” (in addition to customers) that their nonpublic personal information (“NPI”) is being collected; The definition of GLBA-covered “financial institution” would be updated to include “data aggregators”; (..)

Privacy 58

Privacy Data collection Data Privacy Access 58

IT Governance

APRIL 25, 2023

A malicious threat can be an employee, contractor or business partner who is liable to leak sensitive information. Preventing this from happening requires a nuanced approach to information security, and it’s one that organisations are increasingly struggling with. Learn more The post What Is an Insider Threat?

Data breaches 105

Data breaches Phishing Personal data Access 105

Hunton Privacy

MAY 3, 2022

Revising the definition of “previous donor.” In addition, if the seller and telemarketer do not coordinate to allocate responsibility for maintaining the required sets of records, both entities can be liable for a violation of the TSR where records are not properly kept.

Sales 98

Sales Marketing IT Information Security 98

Krebs on Security

DECEMBER 10, 2019

CISO Magazine , a publication dedicated to covering issues near and dear to corporate chief information security officers everywhere, has graciously awarded this author the designation of “ Cybersecurity Person of the Year ” in its December 2019 issue. KrebsOnSecurity is grateful for the unexpected honor.

Data breaches 139

Data breaches Information Security Cybersecurity Security 139

Security Affairs

OCTOBER 31, 2023

WiHD is a private tracker dedicated to distributing high-definition video content. WiHD, a popular torrent tracker specializing in HD movies, inadvertently exposed tens of thousands of its users, the Cybernews research team has recently discovered.

Passwords 116

Passwords Phishing Privacy Risk 116

Hunton Privacy

NOVEMBER 2, 2009

On October 30, as reported by the Bureau of National Affairs (“BNA”), the Massachusetts Office of Consumer Affairs and Business Regulation stated that final amendments to its information security regulations had been filed with the Massachusetts Secretary of State.

Information Security 40

Information Security Security Compliance IT 40

Security Affairs

FEBRUARY 13, 2024

During this period of 2023, the platform meticulously monitored 185 cybercriminal groups operating with ransomware technologies across over 342 servers and mirrors, consequently tallying a definition of 1771 ransomware claims identified globally.

Ransomware 116

Ransomware Data collection Cybersecurity Information Security 116

Security Affairs

JANUARY 19, 2024

Basically, Johna says they can solve problems for which the answer isn’t the best or the only, but good enough by some consistent definition of good enough , for example, policy hardening. There are lots of good reasons to deploy quantum computing, and many aren’t what most people think they are.

IT 121

IT Encryption Cybersecurity Security 121

eSecurity Planet

AUGUST 9, 2022

Virgin Islands, and Guam) have their own data breach notification laws (and each such state, accordingly, has its very own definition of such basic terms as “data” and “breach”) – with Massachusetts’ and California’s respective breach-notification schemes viewed as among the strictest. Security, Privacy and Compliance Can Conflict.

Data Privacy 137

Data Privacy Compliance Privacy Security 137

IT Governance

JUNE 5, 2018

It was also reported that the premises were secured by just one lock. These findings show a complete disregard for information security and data protection. Out of sight is definitely not out of mind. Organisations need to take data protection and information security seriously – especially those in the healthcare sector.

Security 90

Security Information Security Access Personal data 90

The Last Watchdog

DECEMBER 2, 2021

In fact, Gartner forecasts that global spending on information security and risk management services will reach $150.4 In order to secure this critical asset, the first step is understanding the growing threat of data exfiltration and ransomware and rethinking our approach to security. billion this year.

Ransomware 224

Ransomware Cybersecurity Risk Encryption 224

Hunton Privacy

OCTOBER 25, 2023

947 amends the California Consumer Privacy Act of 2018’s (“CCPA”) definition of “sensitive personal information” to include personal information that reveals a consumer’s “citizenship or immigration status,” while A.B. On October 8, 2023 and October 10, 2023, California Governor Gavin Newsom signed A.B. 1194 , S.B. 362 and S.B.

Manufacturing 72

Manufacturing Personal data Privacy Access 72

Data Matters

MARCH 12, 2019

The Safeguards Rule specifies that financial institutions subject to the FTC’s jurisdiction must develop, implement, and maintain a comprehensive information security program for handling customer data. Aligning the Safeguards Rule with State Regimes.

Privacy 68

Privacy IT Information Security Insurance 68

Krebs on Security

OCTOBER 20, 2022

“That’s definitely the first huge drop that happened throughout the time we’ve collected the profiles,” she said. In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations.

IT 261

IT Information Security Cybersecurity Security 261

Hunton Privacy

AUGUST 20, 2009

On August 17, 2009, Massachusetts announced revisions to its information security regulations and extended the deadline for compliance with those regulations. ” First and foremost, the revisions emphasize a more flexible, risk-based approach to developing an information security program. .”

Information Security 40

Information Security Compliance Computer and Electronics Security 40

Hunton Privacy

AUGUST 2, 2021

In passing the law, Connecticut joins a number of other states in expanding the definition of “personal information” in its data breach notification statute. Businesses must also follow up with direct notice as soon as possible following such preliminary substitute notice. Cybersecurity Safe Harbor (HB 6607).

Cybersecurity 87

Cybersecurity Insurance Military Data Privacy 87

The Last Watchdog

OCTOBER 24, 2022

Often, it is the first time a company has a common definition of data. VPNs allow employees to connect to the internet securely while hiding the company’s IP address. Identifying sensitive data is an essential part of effective information security. Data inventory also makes your data searchable.

Cybersecurity 191

Cybersecurity Security awareness Passwords Data breaches 191

IT Governance

JULY 8, 2019

Information security policy. Information security risk assessment process. Information security risk treatment plan. Information security objectives ; 7.2 Documented information determined by the organisation as being necessary for the effectiveness of the ISMS. Supplier security policy.

Information Security 78

Information Security Compliance Risk Security 78

Hunton Privacy

MARCH 15, 2024

ADMT Definition of Automated Decisionmaking Technology Clarify that a technology is an ADMT if it processes personal information and uses computation to execute a decision, replace human decisionmaking or substantially facilitate human decisionmaking. Streamline what must be included in an abridged risk assessment.

Risk 61

Risk Artificial Intelligence Compliance Privacy 61

Hunton Privacy

FEBRUARY 9, 2023

Although the bill closely follows the VCDPA, it departs from the Virginia law in several key areas, most notably in the definition of “personal data” and its applicability. The bill could make Texas the sixth U.S. state to enact major privacy legislation, following California, Virginia, Colorado, Utah, and Connecticut.

Privacy 69

Privacy Personal data Sales Compliance 69

Security Affairs

JULY 7, 2022

Policy makers, risk managers and information security practitioners need up-to-date and accurate information on the current threat landscape, supported by threat intelligence. I’m proud to announce that the European Union Agency for Cybersecurity, ENISA, has released the Threat Landscape Methodology.

Cybersecurity 110

Cybersecurity Risk Information Security Security 110

Security Affairs

SEPTEMBER 12, 2022

NASDAQ: MNDT) today announced that it has entered into a definitive agreement to be acquired by Google LLC for $23.00 The acquisition was announced in March 2022 by both companies: “ RESTON, Va., March 8, 2022 – Mandiant, Inc. per share in an all-cash transaction valued at approximately $5.4 billion, inclusive of Mandiant’s net cash.”

Cybersecurity 133

Cybersecurity Cloud Analytics Security 133

Hunton Privacy

DECEMBER 13, 2023

The new Rules also expand the definition of “breach” to include “inadvertent access, use, or disclosure of customer information, except in those cases where such information is acquired in good faith by an employee or agent of a carrier or TRS provider, and such information is not used improperly or further disclosed.”

Data breaches 52

Data breaches Encryption Communications Access 52

IT Governance

OCTOBER 10, 2019

The ISO/IEC 270001 family of standards, also known as the ISO 27000 series, is a series of best practices to help organisations improve their information security. An ISMS is a systematic approach to risk management, containing measures that address the three pillars of information security: people, processes and technology.

Information Security 87

Information Security Personal data Risk Cloud 87

Hunton Privacy

OCTOBER 1, 2021

With the breach law amendments, Connecticut joins a number of other states in expanding the definition of “personal information” in its data breach notification statute. In addition, Connecticut joins Ohio and Utah as the third state to enact a cybersecurity safe harbor statute.

Cybersecurity 73

Cybersecurity Data breaches Security IT 73

Security Affairs

JANUARY 12, 2023

CENTOS Web Panel RCE CVE-2022-44877 Attempt Tag is live and we're definitely seeing activity [link] pic.twitter.com/CXo8WSSRag — GreyNoise (@GreyNoiseIO) January 11, 2023. Researchers from Grey Noise and ShadowServer confirmed that threat actors are actively exploiting the flaw.

Security 98

Security IT Information Security 98

Hunton Privacy

JUNE 14, 2018

Notice to the Attorney General is required even if the covered entity maintains its own procedures for security breaches as part of an information security policy or pursuant to state or federal law.

Data breaches 65

Data breaches Security Passwords Military 65

Hunton Privacy

MAY 3, 2021

Nonetheless, the Draft DSL does not provide the definition of important data, which may be defined in future implementing rules. Article 30 differentiates how the cross-border transfer of important data is to be treated by critical information infrastructure (“CII”) operators and by other data processors.

Security 111

Security Cybersecurity Data collection Government 111