Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Developing Effective Information Security Programs

By Kirk J. Nahra
September 20, 2005

For many years, financial institutions and other entities that collect personal information focused on privacy as an emerging legal doctrine presenting compliance challenges and an array of business implications. These issues, while still important and subject to ongoing debate and tinkering, have become, for many financial institutions, an automatic component of ongoing business activities. Now, with all of the attention focused on security of customer information driven by the recent flood of news stories concerning security breaches in numerous industries, privacy's ugly stepchild ' the security of consumer information ' has moved to the forefront of concern, both for financial institutions and the various entities that regulate and oversee them. News stories reporting security breaches are an almost daily occurrence. New legislation is being introduced almost constantly, at both the state and national level. While financial institutions already face a raft of security-related compliance obligations, including the Gramm-Leach-Bliley Act and others, financial institutions and their important business partners have been a focus of many of the most highly publicized breaches.

With this background, financial institutions (and other companies across America and globally) should be re-evaluating their information security programs. In reviewing the various legal requirements, what are the primary components of an effective security program? And what are the most difficult challenges facing companies in trying to move from a security “best practices” environment to one requiring compliance with specific legal obligations?

Understanding the Legal Landscape

Read These Next
Major Differences In UK, U.S. Copyright Laws Image

This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.

Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

The Article 8 Opt In Image

The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.

Removing Restrictive Covenants In New York Image

In Rockwell v. Despart, the New York Supreme Court, Third Department, recently revisited a recurring question: When may a landowner seek judicial removal of a covenant restricting use of her land?

Fresh Filings Image

Notable recent court filings in entertainment law.