In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more
8/2/2023
/ Compliance ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 8-K ,
Incident Response Plans ,
Information Governance ,
National Security ,
Policies and Procedures ,
Public Safety ,
Publicly-Traded Companies ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
It’s been a busy 2021 legislative session for changes to data breach laws, and that means it is time to review and update your incident response plans. Several states have shortened data breach notification timelines or...more
If you are one of the many businesses licensed by the New York Department of Financial Services (DFS), and cannot avail yourself of the (very) limited exemptions, you must be ready for the first compliance transition date for...more
We’ve been following the latest on the WannaCry ransomware attack that we first told you about over the weekend.
A feared “second strike” did not materialize today, but victimized firms in over 100 countries are still...more
UPDATE: Europol chief Rob Wainwright told the BBC, “Companies need to make sure they have updated their systems and ‘patched where they should’ before staff arrives for work on Monday morning.”
By now, you may have...more
If you have had to provide data breach notices across any number of states (and who hasn’t….), you would know that they vary widely in how those notices must be provided to state regulators. In some states (for example,...more