Pretty much the only time I don’t feel like I am Chicken Little predicting a massive cyber-attack is when I am with my colleagues at the FBI, Secret Service, NSA and my students in the Brown Executive Masters of Cybersecurity who are members of the military. They don’t respond to my thoughts and fears of … Continue Reading
In view of Iran’s vows to retaliate against the United States for the death of Quassem Soleimani, the NYDFS has issued an industry letter to all regulated entities regarding the need for heightened cybersecurity precautions. The letter notes that it “is particularly concerning that Iran has a history of launching cyber-attacks against the U.S. and … Continue Reading
Three million fraud cases were reported to the FTC in 2018, and 444,602 of them involved identity theft. These reported cases (just think of how high the statistic would be if all cases were reported) amounts to the third most common type of fraud reported to the FTC. According to The Motley Fool, of those … Continue Reading
Last week, the Tex-Mex restaurant chain On the Border suffered a data breach that impacted its payment acceptance systems in 27 states. The restaurant says that some credit card information of customers who visited the chain between April and August 2019 may have been compromised. In a press release, On the Border representatives said, “Our … Continue Reading
The New York “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act), N.Y. Gen Bus. Law§ 899-bb, requires businesses that collect private information on New York residents to implement reasonable cybersecurity safeguards to protect that information. While this is a new law in the State of New York, it is simply joining other states, … Continue Reading
New Hampshire Governor Chris Sununu recently signed the New Hampshire Insurance Data Security Law, which “establishes the exclusive state standards applicable to licensees for data security, the investigation of a cybersecurity event…, and notification to the commissioner.” The law is applicable to all persons or entities licensed, authorized to operate, registered or required to be … Continue Reading
Two New York drone companies, AX Enterprize and Thales USA, were awarded a $7.75 million grant from the U.S. Air Force Research Lab to develop state-of-the-art air traffic management (ATM) systems to would allow civilian and military drones to safely coexist alongside manned aircraft in the national airspace. The project and research will be conducted … Continue Reading
New York Governor Andrew M. Cuomo signed a bill into law last week that expands New York’s data breach notification law. The Stop Hacks and Improve Electronic Data Security (SHIELD) Act brings the New York data breach notification law on par with other state data breach notification laws that have been amended in the last … Continue Reading
The North American Securities Administrators Association (NASAA) this week approved an information security model rule package aimed at improving the cybersecurity posture of the 17,543 state-registered advisers. The proposed model would require state-registered investment advisers to establish written cybersecurity policies and procedures designed to safeguard clients’ records and information, and to deliver its privacy policy … Continue Reading
Last week, a drone pilot was arrested for flying his drone into Barclays bank building during violent winds. Steve Funes operated his drone from the balcony of his 21st floor room at The Executive Plaza Hotel on West 51st Street. The crash occurred on nearby 7th Avenue. While the Barclays bank building was not damaged, … Continue Reading
As part of its Virtual Markets Integrity Initiative, on September 18, 2018, the New York Attorney General’s Office issued a report reviewing the platforms of various cryptocurrency exchanges. The initiative arose from the recognition that online virtual currency exchanges perform functions markedly similar to traditional stock exchanges and broker-dealers, but are generally not registered under … Continue Reading
In late August, the Attorney General of the State of New York announced a $200,000 settlement with a New York-based non-profit organization that provides services to developmentally disabled individuals and their families after concluding that the organization exposed sensitive personal information of its clients on the Internet for almost three years. The settlement is the … Continue Reading
As we noted earlier this year, Saks Fifth Avenue LLC, Saks Incorporated, and Lord & Taylor previously disclosed, on April 1, 2018, that some of their customers’ personal information may have been compromised in a data breach. Those companies all share the Canadian business group Hudson’s Bay Company (collectively with Lord & Taylor LLC, Saks … Continue Reading
Drones are becoming an everyday tool for more and more police and fire departments across the country. According to a study conducted by the Center for the Study of the Drone at New York’s Bard College, the number of public safety agencies with drones has more than doubled since the end of 2016. In fact, … Continue Reading
In the decades that followed the enactment of the Homestead Act of 1862, more than 1.6 million U.S. citizens and intended citizens filed applications with the U.S. government to lay claim to 160 acres of land guaranteed to each applicant willing to settle, farm and improve the lands. Settlers quickly encountered a major problem. The … Continue Reading
Drone Delivery Canada (DDC) began development of its newest drone, the Condor, last week, which is being engineered to provide payload capacities of up to 400 pounds. The Condor will be able to accept pallet-sized payload shipments (for transporting bulk cargo—both in Canada and abroad) and fly approximately 93 miles. Most important, the Condor will … Continue Reading
Northwell Health, a New York-based health system, is seeking to use a fleet of emergency drones, in combination with telehealth technology, to respond to accidents more quickly, treat opioid overdoses and even provide medical attention needed due to terrorists attacks. However, there are still a lot of barriers to burst through before Northwell Health can … Continue Reading
Drone Delivery Canada (DDC) of Toronto completed a series of successful drone delivery test flights at the beginning of this month in Rome, New York at the Griffiss International Airport. These drone delivery test flights were the first conducted by DDC in the United States. DDC used its Transport Canada-compliant Sparrow Drone (with a lift … Continue Reading
On March 1, 2018, the New York Department of Financial Services (NYDFS) “cybersecurity regulations” (23 NYCRR Part 500) took effect, placing a number of cybersecurity requirements on banks, insurance companies, and other financial services institutions and licensees regulated by the NYDFS (“Covered Entities”). To aid in compliance with the regulation, the NYDFS recently added new … Continue Reading
On March 1, 2018, the one year transition period within which banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (“Covered Entities”) must have implemented a cybersecurity program ends. By March 1, the Covered Entities must be in compliance with the following requirements: 23 NYCRR … Continue Reading
On February 15, 2018—that is, today—banks, insurance companies and other financial services institutions and licensees regulated by the New York Department of Financial Services (DFS) are required to file their first certification of compliance with DFS’s far reaching cybersecurity regulation (23 NYCRR Part 500) (the “Regulation”). The Regulation, which became effective on March 1, 2017, … Continue Reading
Last week, Governor of New York, Andrew Cuomo, announced the launch of a new State Police Unmanned Aerial System (UAS) program, which will be used for law enforcement missions, including, but not limited to, disaster response, traffic safety and crime scene investigation. To start, the program will launch four state police drones—Troop A, which will … Continue Reading
In a ten page letter that previews the Financial Industry Regulatory Authority’s (FINRA) priorities for 2018, initial coin offerings (ICOs) and transactions involving cryptocurrencies. This follows previous warnings by both the Securities and Exchange Commission (SEC) and FINRA about the risks associated with investing in ICOs and virtual currencies, including Bitcoin. SEC Chairman Jay Clayton … Continue Reading
Hilton Domestic Operating Co., Inc. (Hilton) has agreed to pay the New York and Vermont Attorneys General $700,000 to settle allegations that they violated those state consumer protection and data breach notification laws when it failed to implement reasonable security measures to protect consumer data and for waiting nine months to notify consumers of a … Continue Reading
