Category Archives: International

US, UK, Australia, Canada and New Zealand Issue Advisory on Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory (CSA) to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity from Russian state-sponsored cyber actors or Russian-aligned cybercrime groups.

Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure,… More

Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (i.e., Dealing with the Fallout from Russia’s Invasion of Ukraine)

The Cybersecurity & Infrastructure Security Agency (“CISA”) has just released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors (i.e., Russia) may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical functions and services across multiple sectors. … More

China Adopts New Data Security Law

On June 10, 2021, China adopted a new Data Security Law that will impact every business operating in or doing business with China. The law, which will take effect in less than a month (September 1, 2021), is sweeping in scope, imposes extensive data processing obligations, and establishes potentially severe penalties for violations. Although many of the details surrounding implementation remain unclear, given the law’s extensive requirements and severe penalties for noncompliance,… More

Experts Anticipate Iran’s Next Move Will Include Cyberattacks on U.S. Energy Infrastructure

Security experts nationwide warn that the United States should expect serious cyberattacks from Iran in the next few months. The anticipated attacks, retaliation for United States’ killing of Major General Qasem Soleimani, are likely to include as targets oil refineries and other energy infrastructure.  The specific targets, and whether the attacks will be state-sponsored and strategic or carried out by individuals or smaller groups, remain unknown.

One reason underlying the likelihood that Iran will ramp up its cyberattacks is that,… More

EDPB Issues Opinion on the Interplay between the Clinical Trials Regulation and the GDPR

‎On January 23, 2019, the European Data Protection Board (“EDPB”) issued an interesting opinion about personal data processed in relation to clinical trials.

The main role of the EDPB – which succeeded the Article 29 Working Party – is to contribute to the consistent application of the GDPR throughout the European Union. Its tasks include providing general guidance to clarify the law and advising the European Commission on data protection issues and new legislations.… More

GDPR Creates Rugby Scrum

In a recent trip to Ireland, I was surprised to see two subjects that Ireland is known for — GDPR and rugby — coming into conflict.   As reported in the Sunday Business Post, World Rugby was lobbying the Irish government to create new data protection laws to address the interaction of anti-doping testing and the laws regarding transfer of data among and between different countries.  … More

Kaspersky Lab and Due Diligence – How Do You Minimize Risk?

Kaspersky Lab, a Russian-owned cybersecurity company that sells anti-virus software and other kinds of IT systems security products, has been banned from use by the federal government.  This latest development comes by way of the Department of Homeland Security (DHS), which issued a directive requiring agencies to (1) identify Kaspersky products they are using, (2) create plans to stop using those products, and,… More

General Data Protection Regulation: What It Means For US Healthcare/Life Science Companies (Part Two)

This is the second post in a three-part series designed to provide a summary of some of the GDPR features that are likely to have the most substantial impact on healthcare/life science related businesses. (Links for Part One and Part Three

New General Features of the GDPR

Some of the GDPR general features may be of particular interest for companies in the healthcare/life science sectors.… More

General Data Protection Regulation: What It Means For US Healthcare/Life Science Companies (Part One)

This is the first post in a three-part series designed to provide a summary of some of the GDPR features that are likely to have the most substantial impact on healthcare/life science related businesses. (Links for Part Two and Part Three)

The clock is ticking: on May 25, 2018, in less than a year from now, the General Data Protection Regulation (“the GDPR”) will apply in all Member States of the European Union (“EU”) and will replace the Directive 95/46/CE (“the Directive”).… More

How the French Fought the Election Hackers

Emmanuel Macron won France’s presidential election in a landslide. He defeated his opponent, Marine Le Pen, by more than thirty percentage points. Such a high margin might lead one to think that his victory was inevitable. But on the eve of the election, it did not seem that way.

On the Friday before the Sunday election, hackers released a trove of documents they had stolen from the Macron campaign.… More

“If You Are Reading This, You Probably Weren’t Hacked Last Week” – So Now What?

First, the basic facts about the recent ransomware attack:

  • US-CERT has received multiple reports of WannaCry ransomware infections in several countries around the world.
  • Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee access will be restored.…
  • More

Trump Meets Xi: Will They Talk Cybersecurity?

President Trump has repeatedly claimed that his predecessor was weak on China. But at least with respect to cybersecurity, the facts don’t support that charge. In 2015, “following all-night negotiations,” Robert Silvers writes, the United States convinced China to sign on to a joint commitment against “cyber enabled theft of intellectual property.” Ever since, China’s hacking of U.S. companies has dropped off dramatically. Next month,… More