Cybergovernance Journal Update – 3/17/17
Free Monthly Newsletter Sign up for monthly digest on cyber risk governance. Here’s the most recent edition.
Not all cybersecurity frameworks are equal. While some companies recognize they need to utilize the most comprehensive plans, others will only implement the bare minimum putting other institutions at risk.
NY Cybersecurity Rules Will Spur Action But Not Uniformity
Law360, Mar. 9
“I think the New York regulations will be looked at in the future as how not to engage in cybersecurity regulation,” Pillsbury Winthrop Shaw Pittman LLP partner Brian E. Finch said. He called the regulation “while surely well-intentioned … a mélange of basic security measures thrown together with no clear guidance on how they are supposed to work together or what would even constitute a sufficient or reasonable program for a covered entity to implement…”
Assessing China’s Proposal for International Cooperation on Cyberspace
Canada Free Press, Mar. 15
A legally binding international convention or treaty to prevent misuse of cyber technologies is highly unlikely to happen. Among other things, ideological differences over the degree of governmental regulation of the Internet in the name of “security,” including the circumstances in which imposing restrictions on access and content can ever be justified, have prevented international consensus.
Why Healthcare Cybersecurity is a Risk Management Issue
HealthIT Security, Feb. 22
61 percent of respondents said they are using the NIST Cybersecurity Framework, while 36 percent said they utilize HITRUST. Approximately one-third – 36 percent – also reported that they use ITIL.
Legal Liability from Cyberattacks in Oil & Gas Industry
Oil & Gas Financial Journal, Feb. 20
The energy sector bears the risk that hackers could access company databases and control systems for the malicious purpose of causing mayhem, tangible business disruption, or destruction to people and property. We offer five tips on how energy companies can mitigate their legal liability from cyberattacks…
Credit Union Slams Eddie Bauer Over Data Breach
Law360, Mar.8
Veridian Credit Union alleges that credit unions, banks and other financial institutions have been left to to pick up the pieces after Eddie Bauer’s failure to employ adequate security measures opened the door to a security breach that compromised shoppers’ credit and debit card information from Jan. 2 to July 17 of 2016.
AUSTRALIA: Cybersecurity is a Huge Concern
Tax-News, Mar. 15
The Australian National Audit Office (ANAO) has said that the tax office must improve its cybersecurity arrangements. The ANAO recommended that the organizations concerned periodically assess their cybersecurity activities to provide assurance that they are accurately aligned with the outcomes of the Government’s mitigation strategies, and their own IT security objectives…
Subscribe
Be notified of new Journal entries in your email box or Follow us on Twitter.