As the COVID era drags on, it is clear that work life “post-COVID” may be very different from life “pre-COVID.” This is especially true as it relates to IT security. More and more employees have shifted to a telecommuting work model, and for many businesses that may be the case for an indefinite period of time. This raises important questions as to which security improvements or other changes IT departments need to make in 2021 to keep their businesses and client data safer from cyberattacks.
Faegre Drinker on Law and Technology Podcast: Evolving U.S. and International Privacy Laws in 2021 and Beyond
Privacy laws continue to proliferate both across U.S. states and at the international level, making it imperative for businesses to implement strong and adaptive data governance programs. In the latest episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss and guests Mary Devlin Capizzi and Peter Blenkinsop look back on the evolution of privacy laws over the last 20 years, evaluate the impact of recent laws and how they may shape the future of privacy regulations, and provide some helpful guidance for companies working to stay on top of this evolving regulatory landscape.
Buyer Beware: The Internet of Things Comes Under New Cyber Attack from Multiple Fronts
It is estimated that by the end of 2020, there will be more than 50,000,000,000 (yes, billion) connected devices that are part of the Internet of Things (IoT). This is a five million percent increase in IoT devices over the last 20 years. Most of these devices are designed and manufactured for use in homes and vehicles or are wearable devices. These devices include everything from home security cameras to baby monitors, thermostats, car ignition starters, smart watches and even medical devices, such as pacemakers. There are literally thousands of different types of IoT devices that integrate into almost every aspect of your home and work life.
Cyber Attackers Threaten COVID-19 Vaccine Distribution Chain
As COVID-19 vaccine approvals and eventual distribution kicks into high gear, there has been a corresponding – and not particularly surprising – increase in cyber threat activity targeting both vaccine producers and other companies involved in the vaccine distribution chain. Most notably, “cold chain” companies responsible for safely storing and transporting the vaccines have been targeted. The problem has become so severe that both the Federal Bureau of Investigation (FBI) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) recently issued a joint security alert on December 3, 2020 highlighting the risk to the coronavirus vaccine distribution chain.
Continue reading “Cyber Attackers Threaten COVID-19 Vaccine Distribution Chain”
Draft Standard Contractual Clauses Released by European Commission: New Clause Cause for Applause?
Following on from last week’s big announcement by the European Data Protection Board (EDPB) on its expectations for international data transfers after the European Court of Justice’s July 16 Schrems II decision, the European Commission released a draft set of new Standard Contractual Clauses (SCCs) and a draft implementing decision. The Commission’s draft set of clauses allows for two new types of transfer and contains important updates to bring the text of the clauses in line with the General Data Protection Regulation. The draft documents are now available for public consultation, and both the EDPB and the European Data Protection Supervisor will be asked for their opinions on the documents. Following the Schrems II decision, many organizations have been waiting for guidance on additional safeguards and for the (long overdue) arrival of updated Standard Contractual Clauses. While the last few days have seen some welcome developments after a period of hiatus, organizations will likely need some time to assess the practical implications before making radical changes to international data transfer arrangements.
For the full alert, visit the Faegre Drinker website.
Faegre Drinker on Law and Technology Podcast: Exploring the New York SHIELD Act
The New York Stop Hacks and Improve Electronic Data Security (SHIELD) Act updated and expanded the state’s data breach notification requirements and introduced new and broad privacy and cybersecurity requirements that exceed those imposed by most other states around the country. In the latest episode of the Faegre Drinker on Law and Technology Podcast, Jason G. Weiss sits down with Peter Baldwin for insight into a number of questions regarding this sweeping new law.
Continue reading “Faegre Drinker on Law and Technology Podcast: Exploring the New York SHIELD Act”