Archives: New + Now

Subscribe to New + Now RSS Feed

Changing the Conversation About Sharing and Using Health Information

Some app developers know more about our health than our doctors do. Take, for instance, FitBit, which is attached to our wrist and measuring in real time our temperature, our heart rate, our steps and whether we have had enough exercise for our age in a day. Some people sleep with their phones on their … Continue Reading

States and Municipalities on High Alert for Iranian Originated Cyber-Attacks

The Department of Homeland Security (DHS) is warning critical infrastructure operators to be on high alert for Iranian backed cyber-attacks because of the vulnerability of state and municipal computer systems, they are at high risk for attack from Iranian-based hackers. We have seen states and municipalities get hammered with ransomware in the past year. Now … Continue Reading

CCPA Recap for the New Year

After much anticipation and trepidation, the California Consumer Privacy Act (CCPA) went into effect on January 1, 2020. Many companies are understandably still grappling with the details of the law, the amendments, and the proposed regulations and how to comply with them. If you have not determined whether the CCPA applies to your company, and … Continue Reading

Biometric Suit Not Preempted by Workers’ Compensation Statute

An Illinois employee of Power Solutions International Inc. (Power Solutions) filed suit against his employer alleging violations of the Illinois Biometric Information Privacy Act (BIPA) when Power Solutions collected his fingerprints through a timekeeping system without providing consent to do so. Under BIPA, companies, including employers, are required to provide notice and consent to employees … Continue Reading

To Extend or Not to Extend Consumer Rights to All

Microsoft announced this week that it would extend the consumer rights currently given to California consumers through the California Consumer Privacy Act to all consumers—no matter where they reside. I applaud this move (especially because I don’t reside in CA). But why should my personal information be protected differently than those who live in California? … Continue Reading

CCPA Amendment Details to Consider

In delving deeply into the California Consumer Privacy Act (CCPA), the Amendments recently signed by the California Governor, and the proposed Regulations issued by the California Attorney General, we thought it would be helpful to point out some details that are important to consider for compliance which are not obvious in the CCPA discussions we … Continue Reading

FBI Warns of E-Skimming Threats

For those of you that have websites that process online payments (such as retail, hospitality, health care, entertainment and utilities), the Federal Bureau of Investigation (FBI) recently issued a warning about e-skimming threats to those websites. E-skimming occurs when an attacker introduces malicious code on the website to obtain in real time debit and credit … Continue Reading

NSA Warns of Hackers Attacking VPN Service Applications

The National Security Agency issued an advisory last week to warn companies and users that nation-state actors are actively exploiting vulnerabilities in several virtual private network (VPN) service applications to obtain access to users’ devices. The hackers are leveraging vulnerabilities in older versions of VPN applications, and if successful, the attackers can then remotely execute … Continue Reading

Department of Defense Subcontractors: Cybersecurity Compliance is Top Priority

The Office of the Under Secretary of Defense for Acquisition and Sustainment has been on a fast track mission to shore up the cybersecurity measures of defense contractors and the supply chain to the Department of Defense (DOD). It is in the process of developing a Cybersecurity Maturity Model Certification (CMMC) requirement for those vendors. … Continue Reading

Important Tool in Your Box: Spam Filter

I have been hanging out a lot with Chief Information Officers (CIO) and Chief Information Security Officers (CISO) these days at speaking engagements and conferences, as October – National Cybersecurity month – is always busy. The topic that keeps coming up in these conversations is phishing and how most ransomware attacks are started because an … Continue Reading

Survey Shows Fewer than 1/3 of Employees Receive Annual Cyber Training

Despite the fact that security experts have emphasized the importance of cyber education and training as a preventive measure to protect against a devastating data breach, Chubb’s Third Annual Cyber Risk Survey finds that only 31 percent of employees in the businesses surveyed receive cyber training and education on an annual basis. According to the … Continue Reading

Keep Privacy Shield Certification on the Radar Screen

After all of the GDPR compliance assessments, implementation and hullaballoo in the last year or so, many companies chose to certify that they are compliant with the EU-U.S. Privacy Shield framework rather than implementing a full-blown GDPR compliance program. To attain Privacy Shield certification, companies must submit an application and certify that when consumer data … Continue Reading

Initial Coin Offerings (ICOs) on SEC’s Radar

This month, the Securities and Exchange Commission (SEC) announced that it has entered into a settlement with SimplyVital Health, Inc., a blockchain company that offered and sold approximately $6.3 million worth of securities to the public. The SEC alleged that the plan to conduct an initial coin offering (ICO) to raise money to develop a … Continue Reading

Can You Really Protect Against Ransomware?

We’ve written a few times recently about municipalities, companies, and government agencies hit with ransomware attacks this year. In early July, it was reported that a court system in Georgia was attacked with ransomware, causing lawyers, court employees and the public to have to rely on “old school” paper to file pleadings and keep the … Continue Reading

Clever Call Center Concept

My husband was recently booking some travel for us and had an interesting experience that he thought was worth sharing. While he was providing his credit card number to the person who was assisting with the booking, that person told him before he gave the credit card number and CVV number to wait a moment, … Continue Reading

Pay Attention to Your Firewalls

After the Capital One data breach, which was reportedly caused by an improperly configured firewall, every company should be paying attention to its firewalls. This is not the first data breach that has occurred because a firewall was not properly in place for data stored in the Cloud. I’m a lawyer, and I know very … Continue Reading

Business Email Compromises Bilking U.S. Companies Out of $301M Per Month

The United States Treasury Department came out with a report last week that concludes that business email compromises (BEC) are costing U.S. companies more than $301 million per month. The report confirms that the two industries hit the hardest by these scams are manufacturing and construction. The report, issued by the Treasury Department’s Financial Crimes … Continue Reading

Cities Consider Banning the Use of Facial Recognition Technology

In the footsteps of San Francisco’s ban of the use of facial recognition technology, the cities of Somerville, Massachusetts, Oakland, California, and Berkeley, California are considering banning the use of facial recognition technology by municipal agencies. The proposed ban is in the midst of more and more cameras and smart technology being used for traffic … Continue Reading
LexBlog