On August 11, 2021, the Federal Financial Institutions Examination Council (the “FFIEC”) issued new guidance on risk management principles for access to and authentication of electronic funds transfers for the first time in over a decade, titled Authentication and Access to Financial
Continue Reading An Enhanced Standard of Commercial Reasonableness for Security Procedures? The FFIEC Updates Its Authentication Guidance for Internet-Based Financial Services
The Federal Trade Commission’s increased activity in the data security arena continues, as the FTC has ordered nine social media and video streaming companies—including Facebook, Twitter, TikTok, and Reddit—to provide data on their data privacy practices. The orders seek to
Continue Reading FTC Launches Investigation Into Facebook, Twitter, and Other Social Media Sites
The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint warning that malicious cyber actors are targeting kindergarten through twelfth-grade (K-12) educational institutions. These actors are initiating ransomware
Continue Reading Cyber Actors Hit K-12 Distance Learning Efforts With Ransomware and Phishing Attacks
Last week FireEye announced publicly that it had suffered a cyber-attack by a “highly sophisticated state-sponsored attacker utilizing novel techniques.”[1] FireEye is a leading cybersecurity firm whom provides information security services and tools, including forensic investigation services, to high
Continue Reading CISA Issues Warning to Mitigate Widespread Vulnerability
While public attention focused on the federal and state elections, Michigan voters made an important decision—they adopted Proposal 20-2, which amended Michigan’s Constitution to extend its protection from unreasonable searches and seizures to electronic data and communications. With the proliferation
Continue Reading Michigan Voters Add Constitutional Protections for Electronic Data and Communications
On November 9, the FTC announced a settlement of its complaint against Zoom Video Communications, Inc. The complaint charged Zoom with deceptive and unfair privacy and security practices, including claiming that it offered end-to-end encryption.
The end-to-end encryption claim has
Continue Reading FTC Settles Complaint Against Zoom Regarding End-to-End Encryption
“This article was originally published with Security Toolbox on September 15, 2020. You can view the original content, here.”
Domestic and international politics have invaded the field of data security, and the COVID-19 pandemic has only added to this
Continue Reading Political Cost of Data Leaks: Data Security in the Crosshairs
Just over eight months after the effective date of the California Consumer Privacy Act (CCPA), the California Office of Administrative Law (OAL) approved the final California Attorney General’s CCPA regulations on June 1, 2020. The regulations are effective immediately.
Cannabis companies nationwide are facing yet another statutory obstacle that can have serious (and potential ruinous) consequences for the emerging industry if not appropriately addressed—the Telephone Consumer Protection Act (“TCPA”). There is a recent uptick in class-action lawsuits filed against
Continue Reading Why Cannabis Companies Need to Care About the TCPA
Months ago, the Firewall warned that cybercriminals were taking advantage of the anxiety and insecurity from COVID-19 to promulgate phishing schemes, malware, and other schemes. Interpol recently released a report (click here to download PDF from Interpol) warning
Continue Reading COVID-19 Increases Data Security Threats, Interpol Warns
