On May 14, 2018, the Department of Energy Office of Electricity Delivery & Energy Reliability released its Multiyear Plan for Energy Sector Cybersecurity.
Continue Reading
Department of Justice
DOJ Accuses Iranian Nationals of “Brazen Cyber Assault” on Universities and Government Agencies
Posted on
Posted in Cybersecurity, U.S. Federal Law
The U.S. Department of Justice has unsealed an indictment accusing nine Iranian nationals of engaging in a “massive and brazen cyber assault” against at least 176 universities, 47 private companies and 7 government agencies and non-governmental organizations, including the Federal Energy Regulatory Commission. …
Continue Reading
Insider Trading Charges Brought Against CIO for Post-Breach Trading
Posted on
On March 14, 2018, the Department of Justice and the SEC announced insider trading charges against a CIO of a business unit of Equifax, Inc.…
Continue Reading
Federal Court Imposes Record Fine on TV Provider for Do Not Call Violations
Posted on
On June 5, 2017, an Illinois federal court ordered satellite television provider Dish Network to pay a record 280 million dollars in civil penalties for violations of the FTC’s Telemarketing Sales Rule, the Telephone Consumer Protection Act and state law.…
Continue Reading
FTC Announces Settlement Over Alleged Consent Order Violation
Posted on
On March 17, 2017, the Federal Trade Commission announced that Upromise, Inc., agreed to pay 500,000 dollars to settle allegations that it violated the terms of a 2012 consent order that required Upromise to provide notice to consumers regarding its data collection and use practices, and obtain third-party audits.…
Continue Reading
DHS Issues Updated National Cyber Incident Response Plan
Posted on
On January 18, 2017, the Department of Homeland Security issued an updated National Cyber Incident Response Plan as directed by the Presidential Policy Directive 41, issued this past summer, and the National Cybersecurity Protection Act of 2014. …
Continue Reading
FTC Announces Settlement Over Illegal Telemarketing Calls
Posted on
Posted in Information Security, Marketing
On November 1, 2016, the FTC announced that a group of entities known as the Consumer Education Group settled FTC charges that, between late 2013 and 2015, it made millions of telemarketing calls, including pre-recorded robocalls, to consumers on the national Do Not Call Registry, in violation of the Telemarketing Sales Rule.…
Continue Reading
White House Releases New Policy on Federal Cyber Incident Response
Posted on
On July 26, 2016, the White House unveiled Presidential Policy Directive PPD-41, which sets forth principles for federal responses to cyber incidents approved by the National Security Council. PPD-41 first focuses on incident response to cyber attacks on government assets, but also outlines federal incident responses to cyber attacks on certain critical infrastructure within the private sector.…
Continue Reading
DHS and DOJ Issue Final Guidance on the Cybersecurity Information Sharing Act of 2015
Posted on
On June 15, 2016, the U.S. Department of Homeland Security and U.S. Department of Justice jointly issued final guidance on the Cybersecurity Information Sharing Act of 2015.…
Continue Reading
Pharmaceutical Company to Plead Guilty and Settle Drug Marketing Charges
Posted on
Recently, Aegerion Pharmaceuticals announced that it will enter into several settlements and plead guilty to two misdemeanors in connection with alleged violations of HIPAA, drug marketing regulations and securities laws. The criminal charges stem from the company’s marketing of a cholesterol drug called Juxtapid. Aegerion allegedly failed to comply with risk evaluation and management strategies and marketed Juxtapid (which is labeled with a warning about liver toxicity) without proper directions for use. …
Continue Reading