Aaron Charfoos

Aaron Charfoos

Paul Hastings LLP

Contact
View Bio
RSS

Latest Posts › Risk Assessment

Share:

NYDFS Issues AI Industry Letter

On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an industry letter entitled “Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks” in response to...more

11/4/2024  /  Artificial Intelligence , Covered Entities , Cyber Attacks , Cybersecurity , Data Management , Financial Services Industry , NYDFS , Risk Assessment , Risk Management , Social Engineering , Third-Party Risk

DOJ to Evaluate AI Compliance Programs

The Department of Justice (DOJ) recently raised the stakes for businesses under investigation who use artificial intelligence (AI). The Evaluation of Corporate Compliance Program (ECCP) outlines the criteria to be considered...more

10/10/2024  /  Artificial Intelligence , Compliance , Corporate Governance , Department of Justice (DOJ) , Emerging Technologies , EU , Risk Assessment , Risk Management

NYDFS Releases Major Update to Part 500 Cybersecurity Requirements for Financial Services Companies

The New York Department of Financial Services (NYDFS) adopted a long-expected amendment to its Part 500 Cybersecurity Regulations (Part 500) this week. These are the first significant changes to Part 500 since its inception...more

11/2/2023  /  Amended Regulation , Chief Information Security Officer (CISO) , Cybersecurity , Data Protection , Financial Institutions , Financial Services Industry , NYDFS , Risk Assessment , Risk Management

The SEC Adopts Cybersecurity Disclosure Regime for Public Companies

On July 26, 2023, the U.S. Securities and Exchange Commission adopted enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and incident reporting for public companies. The final rules...more

7/28/2023  /  Cybersecurity , Disclosure Requirements , Form 8-K , Guidance Update , Publicly-Traded Companies , Risk Assessment , Risk Management , Securities and Exchange Commission (SEC)

NYDFS Proposes Further Changes to Part 500 Rules

The New York Department of Financial Services (“NYDFS”) released a “revised proposed second amendment” on June 28 that makes further changes to its Cybersecurity Regulation (“23 NYCRR Part 500”). Part 500 was first enacted in...more

7/6/2023  /  Cybersecurity , Cybersecurity Framework , Data Protection , Financial Institutions , Financial Services Industry , NYDFS , Risk Assessment , Risk Management

The New York Department of Financial Services Cybersecurity Rules — What Companies Need to Know

On March 1, 2017, New York’s Department of Financial Services (“NYDFS”) implemented a comprehensive cybersecurity regulation aimed at financial institutions (the “Cybersecurity Regulation”)....more

10/12/2022  /  Breach Notification Rule , Cybersecurity , Financial Services Industry , New York , NYDFS , Risk Assessment , State and Local Government

Data Privacy and Cybersecurity New Laws and Regulations Report

Throughout 2022, we continue to see regulators placing an emphasis on the importance of protecting and securing information, in particular consumer personal information, at both the federal and state levels. ...more

10/6/2022  /  Breach Notification Rule , Cybersecurity , Data Privacy , Data Protection , Employee Training , Encryption , Health Insurance Portability and Accountability Act (HIPAA) , NYDFS , Opt-Outs , Popular , Private Right of Action , Proposed Amendments , Risk Assessment , Securities and Exchange Commission (SEC) , State Privacy Laws

New Comprehensive US State Privacy Laws Are Coming – Is Your Company Ready?

Over the last two years, many states have taken cues from California and the EU by adopting sweeping privacy laws. These laws, passed in Virginia, Colorado, Connecticut and Utah, as well as updates to the already enacted...more

10/6/2022  /  California Consumer Privacy Act (CCPA) , Corporate Counsel , Employee Training , GLBA Privacy , Health Insurance Portability and Accountability Act (HIPAA) , Privacy Notice Rule , Private Right of Action , Risk Assessment , Sensitive Personal Information , State Privacy Laws
8 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide