On January 16, 2025, President Joe Biden issued the “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” a comprehensive directive designed to address the growing complexity and...more
1/27/2025
/ Artificial Intelligence ,
Compliance ,
Critical Infrastructure Sectors ,
Cyber Threats ,
Cybersecurity ,
Data Security ,
Encryption ,
Executive Orders ,
Federal Contractors ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Infrastructure ,
Manufacturers ,
Multi-Factor Authentication ,
Ransomware ,
Sanctions
On January 16, 2025, President Joe Biden signed the “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity.” This directive seeks to tackle the increasingly complex and evolving cybersecurity...more
1/23/2025
/ Artificial Intelligence ,
Biden Administration ,
Cyber Crimes ,
Cybersecurity ,
Data Security ,
Executive Orders ,
Infrastructure ,
Innovation ,
National Security ,
Regulatory Agenda ,
Risk Management ,
Trump Administration
This is the second article in our two-part series on Cybersecurity in the Age of Industry 4.0, focusing on the legal implications and potential liabilities manufacturers face from cyberattacks, as well as practical...more
9/20/2024
/ California Privacy Rights Act (CPRA) ,
Class Action ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Duty of Care ,
Employee Training ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Intellectual Property Protection ,
Manufacturers ,
Noncompliance ,
Theft ,
Trade Secrets
As the manufacturing sector continues to embrace the hyper-connected era of Smart Manufacturing, known as Industry 4.0, more and more organizations are integrating advanced automation, artificial intelligence (AI), the...more
9/13/2024
/ Artificial Intelligence ,
Automation Systems ,
Corrective Actions ,
Cyber Attacks ,
Cybersecurity ,
Energy Sector ,
Intellectual Property Protection ,
Internet of Things ,
Machine Learning ,
Malware ,
Manufacturers ,
Ransomware ,
Reputational Injury ,
Risk Management ,
Sensitive Personal Information ,
Social Engineering ,
Supply Chain
The recent massive data breach at National Public Data (NPD), a background check company, has potentially compromised the personal information of millions, if not billions, of individuals, including their Social Security...more
8/26/2024
/ Credit Reports ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Security ,
Federal Trade Commission (FTC) ,
Fraud ,
Hackers ,
Identity Theft ,
IRS ,
Popular ,
Risk Assessment ,
Risk Management
On February 9, a California appellate court issued a decisive ruling in favor of the California Privacy Protection Agency (the Agency), allowing the state to immediately begin enforcement of its new regulations, effectively...more
2/16/2024
/ Appellate Courts ,
Artificial Intelligence ,
Audits ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Cybersecurity ,
Enforcement ,
New Regulations ,
Opt-Outs ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements
In the hyper-connected era of smart manufacturing, accelerated by “Industry 4.0,” the manufacturing sector is undergoing a digital revolution. By leveraging technologies such as advanced automation, artificial intelligence,...more
9/25/2023
/ Artificial Intelligence ,
Automation Systems ,
Blockchain ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
DFARS ,
Employee Training ,
Energy Sector ,
FERC ,
General Data Protection Regulation (GDPR) ,
Healthcare ,
Internet of Things ,
Malware ,
Manufacturers ,
National Security ,
Pharmaceutical Industry ,
Popular ,
Social Engineering ,
State Sponsors of Cyberattacks ,
Supply Chain ,
Technology ,
Telecommunications ,
Transportation Industry ,
Vulnerability Assessments
On July 26, 2023, the U.S. Securities Exchange Commission (“SEC”) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
8/4/2023
/ Annual Reports ,
Customer Proprietary Network Information (CPNI) ,
Cybersecurity ,
Disclosure Requirements ,
FBI ,
Foreign Private Issuers ,
Form 8-K ,
Incident Response Plans ,
New Rules ,
Regulation S-K ,
Regulation S-X ,
Risk Management ,
Secret Service ,
Securities and Exchange Commission (SEC)
Agility and resiliency remain essential attributes for manufacturers in 2023. Manufacturers are no longer focused on figuring out when things will return to “normal.”
Instead, they are applying lessons learned from the...more
7/11/2023
/ Artificial Intelligence ,
Best Practices ,
Clawbacks ,
Compensation ,
Compliance ,
Customs and Border Protection ,
Cyber Threats ,
Cybersecurity ,
Enforcement ,
Environmental Protection Agency (EPA) ,
Final Rules ,
Intellectual Property Protection ,
Machine Learning ,
Manufacturers ,
Securities and Exchange Commission (SEC) ,
Supply Chain
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
On March 9, 2022, the U.S. Securities Exchange Commission (the Commission) announced proposed amendments to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies...more
3/18/2022
/ Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Disclosure Requirements ,
Foreign Private Issuers ,
Investors ,
Popular ,
Proposed Amendments ,
Risk Assessment ,
Risk Factors ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Third-Party Service Provider
On February 22, 2022, U.S. Department of Homeland Security Secretary Alejandro Mayorkas warned critical infrastructure organizations located in the United States of possible cyberattacks by Russian state-sponsored actors in...more
What would you do if you woke up tomorrow and your company was experiencing a cybersecurity incident? What if IT systems were completely locked down? What if you could not use phones, check emails, or receive orders? What if...more
The European Commission adopted new versions of the Standard Contractual Clauses (SCCs) on June 4, 2021. The new SCCs finally replace the original SCCs adopted under the 1998 European Data Protection Directive (DPD) and did...more
7/6/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK Data Protection Act
On June 2, 2021, Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, published a rare open letter to the corporate executives and business leaders of...more
6/14/2021
/ Corporate Executives ,
Cybersecurity ,
Department of Justice (DOJ) ,
Economic Sanctions ,
Embargo ,
Executive Orders ,
Hackers ,
International Emergency Economic Powers Act (IEEPA) ,
Joe Biden ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
TWEA
On May 12, 2021, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity following a series of highly publicized cybersecurity incidents during the first four months of his presidency, including the...more
5/14/2021
/ Compliance ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
DFARS ,
Encryption ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Joe Biden ,
National Security Agency (NSA) ,
Popular ,
Software ,
Supply Chain
On October 28, 2020, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) issued a joint warning that they...more
10/30/2020
/ Coronavirus/COVID-19 ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Health and Human Services (HHS) ,
FBI ,
Germany ,
Health Care Providers ,
Hospitals ,
New Guidance ,
Pennsylvania ,
Ransomware
“Because that’s where the money is,” was the famous quote fictitiously attributed to Willie Sutton when asked why he robbed banks. Given the trillions of dollars held by employee benefit plans, these plans are prime targets...more
As industry continues to adapt to the evolving realities of shelter-in-place orders, companies face challenges in supporting an unprecedented remote workforce while balancing compliance with a variety of regulatory agencies....more
5/4/2020
/ CARES Act ,
Centers for Disease Control and Prevention (CDC) ,
Centers for Medicare & Medicaid Services (CMS) ,
Consumer Financial Protection Bureau (CFPB) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Popular ,
Safe Harbors ,
World Health Organization
As industry continues to adapt to the evolving realities of shelter-in-place orders, companies face challenges in supporting an unprecedented remote workforce while balancing compliance with a variety of regulatory agencies....more
4/9/2020
/ Business Interruption ,
California Consumer Privacy Act (CCPA) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Regulatory Standards ,
Remote Working ,
Small Business ,
State of Emergency
As the coronavirus (also known as COVID-19) continues to impact all organizations globally and create uncertainty, cyber criminals are looking to exploit these vulnerabilities and fears and pose heightened cybersecurity...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Welcome to Foley’s new Manufacturing MarketTrends newsletter. In each edition, we will highlight key trends to watch out for in 2019, making it a year of change for manufacturers. ...more
4/18/2019
/ China ,
Cybersecurity ,
Due Diligence ,
Economic Sanctions ,
Manufacturers ,
North Korea ,
Office of Foreign Assets Control (OFAC) ,
Section 301 ,
Supply Chain ,
Tariffs ,
US Trade Policies
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more