I don’t mean to ruin your holiday weekend, but we thought to send out a friendly reminder on the next set of rolling deadlines and requirements from New York’s financial services cybersecurity law (23 NYCRR 500). A regulated organization that must comply with the law, or “covered entity,” is “any person operating under or required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under the Banking Law, the Insurance Law or the Financial
Continue Reading Perfect Labor Day Beach Reading: New York’s (Next) Round of Financial Cybersecurity Requirements

computer-codeWe strongly encourage companies possessing or transmitting personally identifiable information (PII), protected health information (PHI), financial or other sensitive data, including trade secrets, to use encryption. Why?  Because, if employed properly, it is both effective and legally defensible.

So what is encryption?

Encryption is a type of information security. It involves the coding and decoding of messages in order to protect private content from third parties. In its earliest form, encryption was essentially letter substitution (e.g., substituting the letter “a”
Continue Reading Encryption as a Legal Defense