Tag Archives: cyber

JAMA: Cybersecurity Concerns and Medical Devices – Lessons from a Pacemaker Advisory

Interesting viewpoints from this Journal of the American Medical Association article on FDA’s August 2017 notice re: cyber security issues with certain pacemakers, including:

  • “This first widespread cybersecurity advisory involving a permanent medical device implant provides some insight into the ways in which the public experience with these types of medical device malfunctions might be improved.”
  • “Communications regarding widely used products for which multiple vendors exist in the marketplace should serve as opportunities to highlight current FDA and industry standards,…
  • More

The Massachusetts Attorney General’s Complaint Against Equifax

As most are aware, the Massachusetts Attorney General has won the race to the courthouse and been the first regulator to file suit against Equifax.

  • The 28 page complaint is summed up on paragraph 4:Consumers do not choose to give their private information to Equifax, and they do not have any reasonable manner of preventing Equifax from collecting, processing, using, or disclosing it. Equifax largely controls how,…
  • More

Is Computer Security Broken?

The Economist certainly thinks computer security is broken (and it’s hard to argue the contrary).  In its April 8 edition, The Economist’s cover story proclaims, “Why computers will never be safe.”  While that’s good news for some of us (at least in the short run), for most of us it’s a daunting proposition.  So how to address the problem?  Do we need more regulation, as The Economist suggests? … More

Cybersecurity News and Notes – July 25, 2016

In Case You Missed It: U.S. Major party platforms address cybersecurity.  The two major parties have released their 2016 election platforms, both of which include cybersecurity planks.  The Republican platform’s perspective of cybersecurity is an element of national security and international relations. The platform called for harsh responses to cyber-attacks against American businesses, institutions, and government, applauded the Cybersecurity Information Sharing Act of 2015, and pledged to “explore the possibility of a free market for Cyber-Insurance.” The Democratic platform is largely as a continuation of President Obama’s cybersecurity policies.… More

DHS Issues New Rules Governing Sharing of Cyberthreat Data

Last week, the Department of Homeland Security (“DHS”) released its Final Rules for private-sector information-sharing under the Cybersecurity Information Sharing Act of 2015 (“CISA”). CISA permits private companies to share cyber threat information with the U.S. government and shields those companies from liability for doing so.  The new CISA Rules outline exactly how this information-sharing will work, namely: how information is submitted; what information gets submitted; and what happens to the information after submission.… More

Reminder: March 1, 2016 Effective Date for Information Systems Security Programs Including Cybersecurity for NFA Members

As noted in our earlier Foley Adviser, March 1, 2016 is the effective date for NFA member firms (including futures commissions merchants, commodity trading advisors, commodity pool operators, introducing brokers, retail foreign exchange dealers, swap dealers, and major swap participants) to adopt and enforce written policies and procedures to secure customer data and access to their electronic systems.

If you have any questions regarding implementation of these policies and procedures,… More

The Cybersecurity Act of 2015: Implications for Threat Sharing

On December 18, 2015, President Obama signed the Cybersecurity Act of 2015 (The “Act”), legislation designed to combat online threats to the federal government, state and local governments, and private entities. Within the Act are four titles, the most significant of which is Title I, the Cybersecurity Information Sharing Act (“CISA”) (which begins at p. 694).

CISA addresses the manner in which the federal government and non-federal entities may share information about cyber threats and the defensive measures they may take to combat those threats.… More

Advanced Cyber Security Center Panel Explores Reasonableness in Cybersecurity

I had the pleasure of moderating an excellent panel at the Advanced Cyber Security Center’s annual conference on November 4. The panel’s topic for discussion was “What is Reasonable in Cybersecurity: Responsibility and Accountability for Cybersecurity Practices.” I learned a great deal from our excellent panelists, Gus Coldebella (Fish & Richardson), Deborah Hurley (Harvard University), and John Krebs (Federal Trade Commission), as well as from the audience’s questions.… More