A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth...more
12/18/2023
/ 10b5-1 Plans ,
Artificial Intelligence ,
Chief Information Security Officer (CISO) ,
Clawbacks ,
Climate Change ,
Corporate Governance ,
Cybersecurity ,
Enforcement Actions ,
Environmental Social & Governance (ESG) ,
Form 10-K ,
Form 8-K ,
Nasdaq ,
Publicly-Traded Companies ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Shareholder Meetings ,
Trading Plans ,
Year-End Planning
In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more
8/2/2023
/ Compliance ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 8-K ,
Incident Response Plans ,
Information Governance ,
National Security ,
Policies and Procedures ,
Public Safety ,
Publicly-Traded Companies ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
Following closely on its proposal for substantial new cybersecurity requirements for investment advisers and registered investment companies, the Securities and Exchange Commission (SEC) unveiled a new slate of proposed...more
There is a pattern here. Long holiday weekends make for ransomware attacks and data breaches. It is well-known that malicious actors take advantage of understaffed IT resources on holidays. In fact, it’s become such a common...more
9/3/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
FBI ,
Hackers ,
Holidays ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Ransomware ,
Risk Management
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency.
The announcement from the Superintendent of Financial Services of the State...more
4/1/2020
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Compliance ,
Confidential Information ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Disclosure Requirements ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
Notice Requirements ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Risk Assessment ,
Risk Management ,
Third-Party Service Provider
With cases of the Novel Coronavirus (COVID-19) emerging in nearly every state, many businesses are taking swift action in an effort to curb its spread. Teleworking, “remote working,” or simply “working from home,” is a...more
3/17/2020
/ Bring Your Own Device (BYOD) ,
Business Continuity Plans ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infectious Diseases ,
Phishing Scams ,
Popular ,
Public Health ,
Remote Working ,
Risk Management ,
Telecommuting
COVID-19 is not the only virus associated with the global outbreak. As predictably as night follows day, cybercriminals have been using the epidemic as a means to spread their malicious payloads. Companies should include...more
If you haven’t been paying attention to all the Microsoft warnings for the past year and your company is still running Windows 7, time’s up. After January 14, 2020, Microsoft will stop pushing out security updates to Windows...more
Welcome to October! October 2018 marks the 15th year of the observance of National Cyber Security Awareness Month, a joint effort of the U.S. Department of Homeland Security and the National Cyber Security Awareness Alliance....more
“Privacy by design” – while not a new concept – is certainly enjoying a new spot in the sunshine thanks to the European Union’s General Data Protection Regulation (“GDPR”) (50 days and counting…) and its codification of...more
4/5/2018
/ Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Risk Management
The Securities and Exchange Commission (“SEC”) released expansive interpretive guidance (“2018 Guidance”), posted February 21, 2018, further building upon its far-reaching cybersecurity guidance provided in 2011. Below are...more
3/2/2018
/ Cybersecurity ,
Data Protection ,
Disclosure Requirements ,
Financial Statements ,
Guidance Update ,
Insider Trading ,
Interpretive Opinions ,
Materiality ,
Policies and Procedures ,
Publicly-Traded Companies ,
Regulatory Oversight ,
Risk Management ,
Securities and Exchange Commission (SEC)
If your company is one of the broad group of businesses licensed by the New York Department of Financial Services (NY DFS), a very important deadline is bearing down on February 15. Regulated entities have under Thursday to...more
Recently, a Google researcher discovered a serious flaw with the content delivery network (CDN) provided by CloudFlare. This vulnerability has now become known as Cloudbleed, in a nod to the earlier Heartbleed SSL...more
Five Things You (and Your M&A Diligence Team) Should Know -
Recently it was announced that Verizon would pay $350 million less than it had been prepared to pay previously for Yahoo as a result of data breaches that...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently issued a warning regarding vulnerabilities in third-party applications used by entities covered by HIPAA. The OCR warning applies...more
Imagine you are the IT systems administrator of a large corporation. Coffee in hand, you sit down one morning and log in. You receive a message that there has been an intrusion into the corporate database, a large amount of...more