legislation – Page 2 – WindowsTechs.com

SEC Charges Intercontinental Exchange and Nine Affiliates Including the New York Stock Exchange with Failing to Inform the Commission of a Cyber Intrusion

Posted on May 22, 2024 by Dissent Doe PHD

Washington D.C., May 22, 2024 — The Securities and Exchange Commission today announced that The Intercontinental Exchange, Inc. (ICE) agreed to pay a $10 million penalty to settle charges that it caused the failure of nine wholly-owned subsidiaries, in… Continue reading SEC Charges Intercontinental Exchange and Nine Affiliates Including the New York Stock Exchange with Failing to Inform the Commission of a Cyber Intrusion→

UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments

Posted on May 21, 2024 by Dissent Doe PHD

“Mother, May I?” UK entities may need permission to make ransom payments. Alexander Martin reports: Officials in Britain are set to propose a major overhaul of how the country responds to ransomware attacks by requiring all victims to repor… Continue reading UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments→

Utah Updates to Breach Notification Requirements Take Effect

Posted on May 20, 2024 by Dissent Doe PHD

Dorothy Parson McDermott of JacksonLewis writes: On May 1, 2024, amendments to Utah’s cybersecurity and data breach notification law took effect. The state’s cybersecurity and data breach notification law requires an organization that conducts business… Continue reading Utah Updates to Breach Notification Requirements Take Effect→

SEC amends Reg S-P to require data breach notification within 30 days

Posted on May 17, 2024 by Dissent Doe PHD

Aaron Nicodemus reports: The Securities and Exchange Commission (SEC) will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers with… Continue reading SEC amends Reg S-P to require data breach notification within 30 days→

Singapore Cybersecurity Update Puts Cloud Providers on Notice

Posted on May 15, 2024 by Dissent Doe PHD

Robert Lemos writes: Lawmakers in Singapore updated the nation’s cybersecurity regulations on May 7, giving more power to the agency responsible for enforcing the rules, adopting definitions of computer systems that include cloud infrastructure, … Continue reading Singapore Cybersecurity Update Puts Cloud Providers on Notice→

Telemarketing: the Privacy Guarantor sanctions Enel Energia. The company had not protected its databases from access by abusive brokers

Posted on May 14, 2024 by Dissent Doe PHD

Seen at GPDP: Telemarketing: the Privacy Guarantor sanctions Enel Energia The company had not protected its databases from access by abusive touts The Privacy Guarantor has imposed a fine of over 79 million euros on Enel Energia for serious shortcoming… Continue reading Telemarketing: the Privacy Guarantor sanctions Enel Energia. The company had not protected its databases from access by abusive brokers→

Brazilian Data Protection Authority approves data breach notifying regulation

Posted on May 7, 2024 by Dissent Doe PHD

Cristiane Manzueto, Rodrigo Leal, Ana Letícia Allavato, and Diego Semeraro of Mayer Brown write: Resolution No. 15, of April 24, 2024, of the Brazilian Data Protection Authority (“ANPD”), approved the Data Breach Notifying Regulation (the “… Continue reading Brazilian Data Protection Authority approves data breach notifying regulation→

UK makes weak default passwords illegal

Posted on May 4, 2024 by Dissent Doe PHD

Three cheers for the U.K. on this one. Kevin Purdy reports: If you build a gadget that connects to the Internet and sell it in the United Kingdom, you can no longer make the default password “password.” In fact, you’re not supposed t… Continue reading UK makes weak default passwords illegal→

UK enacts IoT cybersecurity law

Posted on April 29, 2024 by Zeljka Zorz

The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy… Continue reading UK enacts IoT cybersecurity law→

FTC Finalizes Changes to the Health Breach Notification Rule

Posted on April 26, 2024 by Dissent Doe PHD

The Federal Trade Commission today announced it has finalized changes to the Health Breach Notification Rule (HBNR) that will strengthen and modernize the rule by clarifying its applicability to health apps and other similar technologies and expanding … Continue reading FTC Finalizes Changes to the Health Breach Notification Rule→