Last Friday, May 1, the White House signed an executive order prohibiting Federal Agencies and U.S. persons from acquiring, importing, transferring, or installing any bulk power system (“BPS”) equipment in which:
Note: This post was originally posted in our Southeast Financial Litigation Monitor.
Gregory C. Cook & Brandon N. Robinson
The story is becoming all too common. A merchant (or consumer) is convinced to wire money to a fraudulent account because of an incorrect belief that they are wiring the money to the real party.
According to a Bloomberg article posted earlier this morning, the U.S. Health and Human Services Department (“HHS”) suffered a cyber attack on its computer systems Sunday night. The attack appears to have been intended to slow the agency’s systems, but was unable to do so in any meaningful way. Just before midnight, the National Security
In our Southeast Financial Litigation Monitor, our own Lindsey Catlett posts about a recent opinion in Southern Independent Bank vs. Fred’s Inc., in which the Middle District of Alabama denied class certification following a data breach which allegedly affected over 2,000 financial institutions across the country. Southern Independent, a community bank located in south
On July 19, 2018, the Federal Energy Regulatory Commission (FERC) issued a final rule (Order No. 848) directing the North American Electric Reliability Corporation (NERC) to develop and submit modifications to NERC Reliability Standards related to Cyber Security Incident reporting. FERC recognized that, under the current Cyber Security Incident reporting Reliability Standard, incidents are only
On Wednesday, March 28, 2018, the Alabama Data Breach Notification Act of 2018 (SB318) was signed into law by the Governor, making Alabama round out the roster of 50 states with data breach notification laws. (South Dakota’s data breach notification was signed by its governor on March 21, 2018, making it the 49
On February 21, 2018, the Securities and Exchange Commission (SEC) published a release entitled “Commission Statement and Guidance on Public Company Cybersecurity Disclosures” (“Release”). Designed to assist public companies in preparing disclosures concerning cybersecurity risk and incidents, the release expands upon the SEC’s previous guidance in 2011 to emphasize particular areas, including board
With the May 25, 2018 deadline quickly approaching, many businesses are scrambling to prepare for compliance with the EU’s General Data Protection Regulation (GDPR), and questions and conversations are heating up. Still others are still trying to wrap their arms around what GDPR is and what it means for U.S. businesses. For those of you
On December 5, 2017, NIST published a revised version of the NIST Cybersecurity Framework (i.e., Draft 2 of Version 1.1) (“Framework”). According to NIST, Version 1.1 of the Framework refines, clarifies, and enhances Version 1.0 of the Framework issued in February 2014, and the recently published Draft 2 of Version 1.1 is informed by over
On November 15, 2017, the Trump administration released the Vulnerabilities Equities Policy and Process. This document describes the process by which U.S. agencies and departments determine whether to disclose or restrict information on vulnerabilities in information systems and technologies. The Vulnerabilities Equities Process (VEP) balances whether to disclose vulnerability information to the vendor or supplier
