January 2017

NIST Releases Proposed Update to the Framework for Improving Critical Infrastructure Cybersecurity

In February 2014, the National Institute of Standards and Technology (NIST) released the Framework for Improving Critical Infrastructure Cybersecurity, sometimes known as NIST’s Cybersecurity Framework.  …

NIST Releases Proposed Update to the Framework for Improving Critical Infrastructure Cybersecurity Read More »

PA Court Denies Common-Law Duty of Employers to Safeguard Employee Information

In Dittman v. UPMC d/b/a The University of Pittsburgh Medical Center, 2017 PA Super. 8 (Jan. 12, 2017), the Superior Court of Pennsylvania held that an employer does not owe employees a duty to protect and safeguard personal and financial information from disclosure in a data breach resulting from an intrusion in its computer network. …

PA Court Denies Common-Law Duty of Employers to Safeguard Employee Information Read More »

New York Revises Proposed Cybersecurity Regulations, Pushes Back Effective Date

After receiving strong criticism from the banking and insurance industries, the New York State Department of Financial Services (NYDFS) has issued updated proposed cybersecurity regulations and pushed back the effective date of the regulations from January 1, 2017 to March 1, 2017. …

New York Revises Proposed Cybersecurity Regulations, Pushes Back Effective Date Read More »