The Top 3 Cybersecurity and Data Privacy Developments of 2020

Effect of COVID-19

With the devastating spread of COVID-19 and its serious effect on the economy, many more businesses have become a target to malware and other cyber-attacks. As the crisis shifted most jobs to working remotely, so did the number of phishing e-mails and ransomware demands. In January to April alone, Interpol detected approximately 900,000 spam messages, 800 malware-related incidents, and 50,000 malicious URLs connected to the corona virus. See attached checklist for our suggested best practices.

CPRA Passes in November 2020

California’s Proposition 24, also known as the California Privacy Rights Act (CPRA), will increase consumer privacy protections starting January 1, 2023. Notably, the new law raises the standards set by the CCPA by establishing the California Privacy Protection Agency, a separate enforcement agency dedicated to enforcing the CPRA. We outlined some of the other prominent changes to the law in our November 12, 2020 Newsletter.

Congress Passes New Cybersecurity Bill

In November 2020, Congress passed the IoT (Internet of Things) Cybersecurity Improvement Act of 2020, a notable cybersecurity bill that aims to enhance the safeguards of internet-connected devices. According to ASIS International, the measure “would direct the U.S. Commerce Department’s National Institute of Standards and Technology (NIST) to establish baseline security requirements for IoT manufacturers and would require contractors to implement vulnerability disclosure policies.” The bill does not apply to consumers; it only applies to the federal government.

The attorneys of Cislo & Thomas LLP keep up-to-date on the complex and constantly changing cyber and privacy compliance laws and regulations. We are happy to assist you in all aspects of your data protection and consumer privacy compliance needs.

Specifically, Cislo & Thomas LLP can help you with:
– Privacy Policy Drafting
– Privacy Compliance Assessments
– Ongoing Privacy Program Management
– Third Party Contract Review
– Incident Response Plans
– Internal Policy Development

As you start the new year, use our Cislo & Thomas 2021 Business Checklist to help you identify any other intellectual property or data privacy/cybersecurity needs that your company may want to address.