Debevoise Data Blog – Page 88

Webcast – How to Demonstrate “Reasonable Cybersecurity Procedures” for Regulatory Inquiries and Litigation

By: Avi Gesser and Stephanie Cipolla June 17, 2020

On June 16, Avi Gesser, Stephanie Cipolla, and special guests Art Ehuan from Crypsis and Ed Cabrera from Trend Micro discussed the hallmarks of a reasonable corporate cybersecurity program for the purposes of defending litigation or responding to regulatory inquiries, including: Technical controls (MFA, access rights, encryption, network segmentation, endpoint detection, etc.) Administrative controls (policies, procedures, training, resources, vendor management, etc.)…

Six Tips for Getting Rid of Old Electronic Files, Which Reduces Cyber and Privacy Risk and Is Now a Legal Requirement for Most Companies

By: Avi Gesser, Friedrich Popp, Mengyi Xu and Michael Bloom June 15, 2020

Introduction Much has been written recently on the increased cybersecurity and privacy risks that companies are facing. One of the most effective ways for organizations to mitigate those risks is to significantly reduce the amount of data that they collect and maintain. Having less data means that there is less sensitive information to protect from hacks or leaks which is…

FBI Warns of a Rise in Business Email Compromise Scams — Tips for Preventing and Responding to BECs in Remote Work Environments

By: Avi Gesser, Zila Reyes Acosta-Grimes, Christopher S. Ford, Robert Maddox and Brenna Rae Sooy June 11, 2020

On June 9, Calvin A. Shivers, Assistant Director of the Criminal Investigative Division of the FBI, testified before the Senate Judiciary Committee regarding a variety of frauds during COVID-19, including Business Email Compromise (“BEC”) frauds and the FBI’s response. BECs are among the most successful and persistent forms of cyber attacks. Indeed, the FBI has seen increases in cyber-enabled financial…

The Debevoise Data Strategy & Security Practice Announces the Launch of Its Data Blog and Data Portal

By: Jeffrey P. Cunard, Luke Dembosky, Jeremy Feigelson, Avi Gesser, Jim Pastore, Jane Shvets and Lisa Zornberg June 8, 2020

Today, Debevoise’s Data Strategy & Security practice (DSS) is launching a Data Blog to help clients identify and respond to emerging issues, and a Debevoise Data Portal to help clients facing a breach assess and begin addressing their notification obligations within minutes of detection. We are also introducing DSS as the new name for our practice, which had been called Cybersecurity & Data…

CCPA Regulations Submitted to the California Office of Administrative Law for Publication

By: Jeffrey P. Cunard, Luke Dembosky, Jeremy Feigelson, Avi Gesser, Jim Pastore, Lisa Zornberg, Jeremy Beutler, HJ Brehmer, Christopher S. Ford and Alexandra P. Swain June 4, 2020

It looks like the California Attorney General’s implementing regulations for the California Consumer Privacy Act (“CCPA”) are, finally, final. On June 1, 2020, the California Attorney General submitted for publication the final proposed regulations. The California Office of Administrative Law now has 30 working days, plus an additional 60 calendar days under an Executive Order issued in connection with the…