Tag Archives: National Institute of Standards and Technology

Connecticut Enacts Safe Harbor from Punitive Damages in Data Breach Cases

Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from assessing punitive damages in data breach litigation against a covered defendant that created, maintained, and complied with a cybersecurity … Continue Reading

NIST Preliminary Draft Cybersecurity Framework Profile for Ransomware Risk Management Provides Risk Management Strategies

The National Institute of Standards and Technology (NIST) recently released a preliminary draft of its Cybersecurity Framework Profile for Ransomware Risk Management. The public comment period for this draft runs through July 9, 2021. NIST says “The profile can be used as a guide to managing the risk of ransomware events. That includes helping to … Continue Reading

IoT Devices to See New Security Guidelines in 2021

Setting up that new IoT device you received for Christmas? Maybe you’ve been derelict in feeding the dog and found a smart dog feeder under the tree, one that will alert you that Luna has been fed or that you have to refill the feeder. Smart gizmos are not just for the home, approximately 25% … Continue Reading

Can Hackers Break Into GPS Trackers Used For Your Fleet?

The answer may be yes. GPS trackers enable businesses to derive greater efficiencies and productivity from their employees and their vehicle fleets. But, when businesses deploy this technology, HR departments often raise valid concerns about employee privacy on and, in some cases, off the job. When employers install GPS trackers on company-owned vehicles, these privacy … Continue Reading

NIST Publishes Guide to Secure an Organization’s Mobile Devices

Just last month, the National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute of Standards and Technology (NIST), published guidance for public and private companies to protect mobile devices and help prevent data breaches. The publication, titled “Mobile Device Security: Cloud and Hybrid Build,” is a how to guide for companies to … Continue Reading

NIST Releases Updated Version of Its Cybersecurity Framework

On April 17th, the National Institute of Standards and Technology (“NIST”), a component of the U.S. Commerce Department, released Version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity (“Cybersecurity Framework Version 1.1”), which incorporates feedback from NIST-led workshops, public comments, and questions received by NIST team members over the last two years. The Cybersecurity … Continue Reading
LexBlog