SEC Recommendations to Protect Against Cybersecurity Threats
March 09, 2020 —
Shaia Araghi and Jeffrey Dennis – Newmeyer DillionWhat Happened?
The Securities and Exchange Commission's Office of Compliance Inspections and Examinations ("OCIE") issued a detailed
report on January 27, 2020 regarding various ways for organizations to safeguard data and protect against security and data breaches. Cyber threat actors are now invading data in a more sophisticated manner than ever before, and implementation of the SEC's recommended practices are essential in order to protect from outside vulnerabilities.
What is at Risk?
If market participants fail to implement these recommended policies, they will become more vulnerable to external attacks and data breaches. This can weaken an organization or firm if all employees are not properly trained and informed of the increasing dangers of cybersecurity breaches.
What Can You Do to Protect Yourself from a Cybersecurity Threat?
1.
Governance and Risk Management. Senior leaders should make efforts to improve the cyber safety at their organization. Some of these efforts may include:
- Devote attention to overseeing the organization's cybersecurity and resilience programs;
- Develop a risk assessment process to identify and mitigate cybersecurity risks to the organization;
- Adopt and implement policies and procedures regarding these risks;
- Promptly respond and adapt to changes by updating policies and procedures when necessary; and
- Establish communication policies and procedures to provide timely information to customers, employees, and others when needed.
2.
Access Rights and Controls. Implement updated controls to determine appropriate users for organization systems, limit access as appropriate to authorized users (including the set-up of multi-factor authentication) and monitor user access.
3.
Data Loss Prevention. OCIE has recommended various important data loss prevention measures for organizations:
- Establish a vulnerability management program;
- Implement capabilities that can monitor network traffic and detect threats on endpoints;
- Establish a patch management program covering all software and hardware;
- Maintain an inventory of hardware and software assets;
- Encrypt data and implement network segmentation;
- Create an insider threat program to monitor any suspicious behaviors; and
- Secure legacy systems and equipment through disposal of sensitive information from hardware and software and by reassessing vulnerability and risk assessments.
4.
Mobile Security. Establish policies and procedures for mobile device use, manage use of mobile devices through a mobile device management application, implement security measures for internal and external users, and train employees on mobile device policies and effective practices.
5.
Incident Response and Resiliency. Detect and disclose material information regarding incidents in a timely manner and assess appropriateness of corrective actions taken in response to incidents. Organizations should develop a plan if an incident occurs, address applicable reporting requirements, assign staff to execute specific areas of the plan, and test and assess the plan. In the event that a data breach occurs, an organization should improve its resiliency by maintaining an inventory of core business services and prioritizing business operations based on an assessment of risks.
6.
Vendor Management. Establish a vendor management program to ensure that vendors meet your organization's security requirements. Organizations should aim to understand all contract terms with vendors to ensure that all parties are in agreement regarding risk and security. Organizations should also monitor third-party vendors and ensure that the vendor continues to meet the organization's security requirements.
7.
Training and Awareness. Train staff to implement cybersecurity policies of the organization. Organizations should provide cybersecurity and resiliency training and re-evaluate the effectiveness of training procedures.
A Final Reminder for Organizations
Organizations should strive to implement as many of the SEC's recommended protection measures as possible. Ensuring that senior members of an organization are leading the initiative in increased awareness about cybersecurity threats through training of employees will lead to greater cyber safety for the overall organization. Although prevention of all breaches cannot be guaranteed, developing data loss prevention plans to keep the organization and its core businesses safe from attack will benefit the entire organization.
How We Can Help
If you feel that your business falls below the SEC's recommended security measures, our firm can assist with compliance. Contact us for a free initial consultation to determine a reasonable and practical way for your business to become compliant with these guidelines.
Shaia Araghi is an associate in the firm's Privacy & Data Security, and supports the team in advising clients on cyber-related matters, including compliance and prevention that can protect their day-to-day operations. For more information on how Shaia can help, contact her at shaia.araghi@ndlf.com.
Jeff Dennis (CIPP/US) is the Head of the firm's Privacy & Data Security practice. Jeff works with the firm's clients on cyber-related issues, including contractual and insurance opportunities to lessen their risk. For more information on how Jeff can help, contact him at jeff.dennis@ndlf.com.
About Newmeyer Dillion
For 35 years, Newmeyer Dillion has delivered creative and outstanding legal solutions and trial results that achieve client objectives in diverse industries. With over 70 attorneys working as a cohesive team to represent clients in all aspects of business, employment, real estate, environmental/land use, privacy & data security and insurance law, Newmeyer Dillion delivers holistic and integrated legal services tailored to propel each client's success and bottom line. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer Dillion attorneys are recognized by The Best Lawyers in America©, and Super Lawyers as top tier and some of the best lawyers in California and Nevada, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949.854.7000 or visit www.newmeyerdillion.com.
Read the court decisionRead the full story...Reprinted courtesy of
Be Wary of Construction Defects when Joining a Community Association
February 07, 2013 —
CDJ STAFFThere are some benefits to living in small developments with correspondingly small community association. Marilyn Briscoe told the Chicago Tribune that in her 34-unit town home association, "people kind of look out for each other here."
But the article also cautions to not only meet the other owners, but that you should "know the developer" and "be leery if you discover litigation for construction defects." Ryan Shpritz, an association attorney said that "you don't want to start out your new association by spending money on lawyer fees or repairing defects." Whether the development is large or small, "having construction defect litigation going on will have an impact on salability."
Read the court decisionRead the full story...Reprinted courtesy of
IoT: Take Guessing Out of the Concrete Drying Process
February 06, 2019 —
Aarni Heiskanen - AEC BusinessFlooring, tiling, or painting on a concrete surface that is insufficiently dry can end up being a disaster. An experimental project recently used IoT sensors and AI to determine when it is safe to start finishing concrete surfaces.
Haste and Imperfect Conditions Lead to Failure
To successfully first cure and then dry concrete requires specific conditions. You need to maintain a temperature higher than 10°C and a relative humidity of greater than 80 percent in the concrete.
Once the concrete is hardened, you have to make sure that it is dry enough for finishing. Typically, the relative humidity should not exceed 82 percent. Some flooring materials require a humidity of less than 75 percent for successful application.
Read the court decisionRead the full story...Reprinted courtesy of
Aarni Heiskanen, AEC BusinessMr. Heiskanen may be contacted at
aec-business@aepartners.fi
A Few Things You Might Consider Doing Instead of Binging on Netflix
April 13, 2020 —
Garret Murai - California Construction Law BlogGovernments throughout the world have issued “shelter in place” orders requiring that residents stay at home except for “essential” purposes. As a result, in the United States, more than a third of Americans have been ordered to stay at home. This, in turn, has had a direct impact on construction projects which have slowed or have been temporarily shuttered altogether, and it will (not may) have an impact on the flow of project funds. So what can project owners and contractors do? We’ve got a few tips.
1. Read Your Contract, Paying Particular Attention to Force Majeure, No Damages for Delay and Notice Provisions
For the most part, with the exception of statutory rights and remedies which we will discuss below, your contract spells out your rights and remedies should the proverbial “S” hit the fan. It is, in other words, the rules you agreed to, and you should know what those rules provide. Three provisions you should look for, and if they’re in your contract, you should review carefully are: (1) Force majeure provisions; (2) No damages for delay provisions; and (3) notice provisions.
Read the court decisionRead the full story...Reprinted courtesy of
Garret Murai, Nomos LLPMr. Murai may be contacted at
gmurai@nomosllp.com
Newmeyer & Dillion Attorney Casey Quinn Selected to the 2017 Mountain States Super Lawyers Rising Stars List
June 15, 2017 —
Newmeyer & Dillion LLPLAS VEGAS, Nev. – JUNE 14, 2017 – Prominent business and real estate law firm Newmeyer & Dillion LLP is pleased to announce that litigation attorney
Casey Quinn has been selected to the 2017 Mountain States Super Lawyers Rising Stars list. Each year, no more than 2.5 percent of lawyers are selected to receive this honor. Quinn will be recognized in the July 2017 issue of
Mountain States Super Lawyers Magazine.
Quinn, an associate in the Las Vegas office of Newmeyer & Dillion, focuses his practice in complex commercial and construction litigation. He represents a variety of business entities in commercial disputes, including contract claims, business torts, privacy lawsuits, defamation, and fraud. Quinn is the immediate-past chair of the Construction Law section of the State Bar of Nevada and has successfully argued before the Supreme Court of Nevada, as well as settled disputes through various forms of conflict resolution including mediation and arbitration.
Super Lawyers is a rating service of outstanding lawyers from more than 70 practice areas who have attained a high-degree of peer recognition and professional achievement. The patented selection process includes independent research, peer nominations and peer evaluations.
About Newmeyer & Dillion
For more than 30 years, Newmeyer & Dillion has delivered creative and outstanding legal solutions and trial results for a wide array of clients. With over 70 attorneys practicing in all aspects of business, employment, real estate, construction and insurance law, Newmeyer & Dillion delivers legal services tailored to meet each client’s needs. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer & Dillion attorneys are recognized by The Best Lawyers in America©, and Super Lawyers as top tier and some of the best lawyers in California, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949-854-7000 or visit http://www.newmeyeranddillion.com/.
Read the court decisionRead the full story...Reprinted courtesy of
Reroof Blamed for $10 Million in Damage
November 06, 2013 —
CDJ STAFFA renovation of the city hall in Bay City, Michigan went wrong when roof repairs lead to fire and flooding of the historic building. Bay City has sued Gregory Construction and Mihm Enterprises, who earlier had been awarded a $1.5 million contract to reroof the building. The cost of repairing the building is expected to exceed the city’s insurance limit of $10 million.
The fire that damaged the building is alleged to have started when a roofer allegedly used a DeWalt grinder in attempt to remove some bolts. Under the contract with the city, the contractor was not going to use grinders, due to the risk of fire. The suit alleges that further water damage was caused, beyond the damage due to the firefighting, due to the contractor failing to “secure a section of the roof which was part of the Roofing Project with a tarp or other water-resistant covering.”
The contractors dispute the claims made by Bay City, with Gregory Construction describing them as “untrue and contrary to the facts.” Gregory Construction also claims that their obligations were delegated to Mihn Enterprises. Mihn Enterprises disputes this and states that they do not “owe a duty to the Plaintiffs; as a result their negligence claim is unenforceable as a matter of law.”
Read the court decisionRead the full story...Reprinted courtesy of
After Elections, Infrastructure Talk Stirs Again
December 04, 2018 —
Tom Ichniowski - Engineering News-RecordIn the wake of Democrats’ House takeover and Republicans widening their Senate majority in the midterm elections, talk has quickly revived about taking on infrastructure legislation in the new Congress. Construction industry officials welcome the pro-infrastructure rhetoric from congressional leaders and President Trump. But it remains to be seen whether the words will spark a bill that can make it through a divided 116th Congress. Funding the package remains the high hurdle.
Read the court decisionRead the full story...Reprinted courtesy of
Tom Ichniowski, ENRMr. Ichniowski may be contacted at
ichniowskit@enr.com
Construction Law Firm Welin, O'Shaughnessy + Scheaf Merging with McDonald Hopkins LLC
February 05, 2014 —
Beverley BevenFlorez-CDJ STAFFAccording to a press release on PR Newswire, Columbus, Ohio law firm McDonalds Hopkins LLC is merging with firm Welin, O’Shaughnessy + Scheaf. McDonalds Hopkins LLC is “a business advisory and advocacy law firm with a more than 80-year history.” They are looking to expand their “Columbus presence” by the merger with “the boutique firm” that specializes in construction law, complex business litigation and oil and gas litigation.
Read the court decisionRead the full story...Reprinted courtesy of