Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

OCC Report Highlights Top Risks Facing National Banks and Federal Savings Associations

“Strategic, underwriting, cybersecurity, compliance, and interest rate risks lead the Office of the Comptroller of the Currency’s (OCC) supervisory concerns in its Semiannual Risk Perspective for Fall 2015, released [December 15, 2015]. The report noted that the risks associated with underwriting and cybersecurity are increasing, while strategic, compliance, and interest rate risks remain stable. Highlights from the report include:

  • Many national banks and federal savings associations continue to face strategic challenges to growing revenues to meet target rates of return in a slow-growth, low interest rate environment.
  • Banks and thrifts are easing credit underwriting standards and practices, including structure, terms, pricing, collateral, guarantors, and loan controls in response to competitive pressures and growth objectives. This easing is particularly evident in high-growth loan segments, such as indirect auto, commercial and industrial, and multifamily.
  • The ongoing low interest rate environment poses additional concerns as banks reach for yield by loosening underwriting and extending asset duration trends.
  • Cyber threats, reliance on service providers, and resiliency planning remain industry concerns, particularly in light of increasing global threats.
  • Bank Secrecy Act risk continues to increase as criminal behaviors and technology use evolve.

The report covers risks facing national banks and federal savings associations based on data through June 30, 2015. It presents data in four main areas: the operating environment, bank condition, key risk issues, and regulatory actions. It focuses on issues that pose threats to the safety and soundness of those financial institutions regulated by the OCC and is intended as a resource to the industry, examiners, and the public.”

GAO – DHS Needs to Support Greater Adoption of Its National Cybersecurity Protection System

DHS Needs to Enhance Capabilities, Improve Planning, and Support Greater Adoption of Its National Cybersecurity Protection System, GAO-16-294: Published: Jan 28, 2016. Publicly Released: Jan 28, 2016. “What GAO Found: The Department of Homeland Security’s (DHS) National Cybersecurity Protection System (NCPS) is partially, but not fully, meeting its stated system objectives: Intrusion detection: NCPS provides…

FTC Announces Significant Enhancements to IdentityTheft.gov

“For the first time, identity theft victims can now go online and get a free, personalized identity theft recovery plan as a result of significant enhancements to the Federal Trade Commission’s IdentityTheft.gov website. The new one-stop website is integrated with the FTC’s consumer complaint system, allowing consumers who are victims of identity theft to rapidly…

Federal Background Investigations Tasked to New Agency

Via the White House Blog, January 22, 2016 – “The Government has a responsibility to determine the fitness of Federal employees, members of the Armed Forces, and contractors for the jobs they are hired into and for the sensitive work they do on behalf of the American people each and every day. At the same…

EFF FOIA Filings Surface More Info on Zero Days

Via EFF – “In fact, in response to EFF’s FOIA suit to get access to the official U.S. policy on zero days, the government redacted every single reference to “offensive” use of vulnerabilities. …In response to EFF’s motion for summary judgment, the government has disclosed a new version of the Vulnerabilities Equities Process, minus many…

Operationalizing Cybersecurity Due Diligence: A Transatlantic Comparative Case Study

Shackelford, Scott and Russell, Scott, Operationalizing Cybersecurity Due Diligence: A Transatlantic Comparative Case Study (January 12, 2016). South Carolina Law Review, 2016. Available for download at SSRN: http://ssrn.com/abstract=2714529 “Although much work has been done on applying the law of warfare to cyber attacks, far less attention has been paid to defining a law of cyber…

CRS – The Federal Cybersecurity Workforce

The Federal Cybersecurity Workforce: Background and Congressional Oversight Issues for the Departments of Defense and Homeland Security. Kathryn A. Francis, Analyst in Government Organization and Management; Wendy Ginsberg, Analyst in American National Government. January 8, 2016. “The federal cybersecurity workforce is responsible for protecting U.S. government systems and networks against cyber threats and attacks. Federal…

SEC publishes 2016 priorities for Office of Compliance Inspections and Examinations

“This document identifies selected 2016 examination priorities of the Office of Compliance Inspections and Examinations (“OCIE,” “we,” or “our”) of the Securities and Exchange Commission (“SEC” or “Commission”). In general, the priorities reflect certain practices and products that OCIE perceives to present potentially heightened risk to investors and/or the integrity of the U.S. capital markets…

Data Security and Breach Notification Legislation: Selected Legal Issues

CRS – Data Security and Breach Notification Legislation: Selected Legal Issues, Alissa M. Dolan, Legislative Attorney. December 28, 2015. “Recent data breaches at major U.S. retailers have placed a spotlight on concerns about the security of personal information stored in electronic form by corporations and other private entities. A data breach occurs when data containing…

DoD Needs an Effective Process to Identify Cloud Computing Service Contracts

Audit – DoD Needs an Effective Process to Identify Cloud Computing Service Contracts, DODIG-2016-038, December 28, 2015. “Objective – Our objective was to determine whether selected DoD Components performed a cost-benefit analysis before acquiring cloud computing services. In addition, we were to identify whether those DoD Components achieved actual savings as a result of adopting…

The Rise and Fall of Silk Road

Via Wired – “In October 2013, a young entrepreneur named Ross Ulbricht was arrested at the Glen Park branch of the San Francisco Public library. It was the culmination of a two-year investigation into a vast online drug market called Silk Road. The authorities charged that Ulbricht, an idealistic 29-year-old Eagle Scout from Austin, Texas,…

Engaging the International Community on Cybersecurity Standards

White House: “U.S. companies are most effective when they can rely on the same cybersecurity standards overseas as they do in the United States. Not only do common standards make it easier for product development and sales, companies can more easily maintain and enhance network defense and resilience, which are vital in today’s world of…