Cybersecurity incidents pose legal challenges for in-house counsel, alongside their technical implications. This overview highlights key aspects that legal departments must know when reacting to data breaches.
...more
Companies should take steps now to prepare for the new rules and expectations.
The US government continues to expand regulatory requirements around notification and disclosure of major cyberattacks or incidents. ...more
President Biden signed an executive order to bolster the federal government’s cybersecurity posture on May 12. The order focuses on implementing vital improvements to networks of federal departments and agencies, many of...more
6/9/2021
/ Biden Administration ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Government Agencies ,
National Security ,
Notice Requirements ,
Risk Assessment ,
Risk Management
With the new administration poised to take office, public and private companies will need to consider how President Biden’s regulatory, enforcement, and legislative priorities will affect their businesses. During this...more
2/17/2021
/ Administrative Law Judge (ALJ) ,
Antitrust Provisions ,
Biden Administration ,
Broadband ,
CFIUS ,
Climate Change ,
Commodities ,
Congressional Oversight ,
Cybersecurity ,
Data Privacy ,
Energy Policy ,
Energy Sector ,
Environmental Policies ,
FCC ,
Health Care Providers ,
Investigations ,
Legislative Agendas ,
Life Sciences ,
Net Neutrality ,
Regulatory Agenda ,
Sanctions ,
Securities Regulation ,
White Collar Crimes
US regulators are calling attention to financial firms’ obligations to protect against evolving cybersecurity threats.
On October 2, 2019, the Financial Industry Regulatory Authority (FINRA) issued an information notice to...more
11/26/2019
/ Business E-Mail Compromise (BEC) ,
CFTC ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Financial Industry Regulatory Authority (FINRA) ,
Information Systems Security Program (ISSP) ,
National Futures Association ,
New Guidance
Ninth hearing on Competition and Consumer Protection in the 21st century highlights challenges of addressing persistent threats to data security.
On December 11 and 12, the Federal Trade Commission (the FTC or the...more
The Brazilian Congress has been working on a bill relating to the protection of personal data for over eight years. The Senate approved the bill, known as the General Data Protection Act (GDPA), on 10 July 2018, and the bill...more
Businesses active in California should promptly assess whether the law applies to their practices and start planning towards compliance with the new law.
Key Points:
..A sweeping new privacy law — the California...more
What directors really need to know about the SEC guidance that has generated so much chatter.
With so much boardroom attention on cybersecurity, directors continue to focus on the Securities and Exchange Commission (SEC)...more
As of December 31, 2017, many United States government contractors face a new compliance requirement involving cybersecurity. This requirement will govern most new Department of Defense (DoD) contracts and, significantly,...more
12/26/2017
/ Bid Protests ,
Breach of Contract ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
False Claims Act (FCA) ,
Federal Contractors ,
NIST ,
Popular
The DFARS final rule requires contractors to safeguard information systems and imposes investigation and reporting requirements in the case of cyber incidents.
As of December 31, 2017, many United States government...more
Trump Administration’s required cybersecurity assessments provide potential for new round of public-private collaboration.
The Trump Administration recently issued a much anticipated Executive Order (EO) addressing...more
The Trump Administration has issued a much anticipated Executive Order (EO),“Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” directing federal executive agency heads to undertake various...more
Tax-related identity theft is nothing new, but tax season 2016 took tax schemes to a new level.
Last year, our cyber experts advised a large cluster of clients (public and private companies) over a period of only two...more
The revised regulations eliminate many of the categorical requirements in the original proposal and instead adopt a more risk-based approach.
On December 28, 2016, the New York State Department of Financial Services...more
Comments submitted on the proposed regulations criticize the lack of a risk-based approach, overbroad definitions, potential extraterritorial implications, an excessive breach notification threshold and a daunting annual...more
The Standing Committee of the National People’s Congress of the People’s Republic of China (PRC) has introduced China’s first and comprehensive Network Security Law (also referred to as Cybersecurity Law). The law will have...more
The law will have far-reaching implications for parties that utilize the Internet and handle network data and personal information in the PRC.
On November 7, 2016, the Standing Committee of the National People’s Congress...more
Hacking of organizations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...more
Hacking of organisations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...more
Preparing for and rehearsing how to respond to a breach is as important as improving security systems and protocols.
Hacking of organizations’ systems is becoming increasingly commonplace, even with advancements in...more
1. Start Early -
Buyers should begin conducting cybersecurity risk assessments early in the engagement process. The target should be able to identify which information technology systems and data sets are key to the...more
In the wake of reported security breaches at a number of significant financial institutions, cybersecurity is garnering more attention and concern than ever before — both within the financial services industry and among...more
2/27/2015
/ Banks ,
Corporate Counsel ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Protection ,
Financial Institutions ,
Internet ,
NIST ,
OCIE ,
Popular ,
Securities and Exchange Commission (SEC) ,
SIFMA
“It is often said that there are two kinds of companies out there — those that have suffered a data breach and those that will have one,” said Latham & Watkins partner Kevin Boyle. “So it makes a lot of sense to be prepared...more