Just over a year ago, the White House issued its long-awaited National Cybersecurity Strategy, with an emphasis on defending Critical Infrastructure, promoting public and private collaboration, and safeguarding...more
4/23/2024
/ Critical Infrastructure Sectors ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
National Security ,
Popular ,
Public Health ,
Ransomware
On October 27, 2023, the Federal Trade Commission (“FTC”) adopted an amendment to the FTC’s Safeguards Rule that will require non-banking financial institutions to notify the FTC within thirty days of discovering a data...more
11/14/2023
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Financial Services Industry ,
Gramm-Leach-Blilely Act ,
Incident Response Plans ,
New Regulations ,
Non-Bank Lenders ,
Regulatory Reform ,
Regulatory Requirements ,
Reporting Requirements ,
Safeguards Rule
Two months ago, the White House released its National Cybersecurity Strategy. Since then, various government agencies have issued new cybersecurity guidance for certain critical infrastructure subsectors. For example, the...more
5/16/2023
/ Aviation Industry ,
Biden Administration ,
Cooperative Compliance Regime ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Data Security ,
Environmental Protection Agency (EPA) ,
Hackers ,
National Security ,
Popular ,
Regulatory Reform ,
Technology Sector ,
Transportation Industry ,
Water Management
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
4/1/2022
/ Banking Regulators ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FDIC ,
Federal Reserve ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
New Guidance ,
OCC ,
Popular ,
Ransomware ,
Regulatory Requirements
On November 18, 2021, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency issued a joint final rule to require banking...more
11/22/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Financial Institutions ,
Financial Services Industry ,
Hackers ,
Information Technology ,
New Guidance ,
Personally Identifiable Information ,
Ransomware ,
Regulatory Requirements ,
Risk Management ,
Vulnerability Assessments
Mergers & Acquisitions And Paycheck Protection Program: Proceed With Caution -
In Spring 2020, Congress adopted the CARES Act, which authorized $350 billion for the Paycheck Protection Program (“PPP”). With an additional...more
3/5/2021
/ Acquisition Agreements ,
C-Suite Executives ,
CARES Act ,
Coronavirus/COVID-19 ,
Cyber Insurance ,
D&O Insurance ,
Department of Labor (DOL) ,
Employee Retirement Income Security Act (ERISA) ,
ESOP ,
Fiduciary Duty ,
Infectious Diseases ,
Merger Agreements ,
Paycheck Protection Program (PPP)
As we bid farewell to 2020 and look toward the uncharted territory of 2021, it is hard not to take inventory of all that has changed in such a short period. No one at the beginning of 2020 would have predicted what transpired...more
1/26/2021
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Communications Decency Act ,
Contact Tracing ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
DMCA ,
Employee Monitoring ,
FERPA ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Personally Identifiable Information ,
Ransomware ,
Van Buren v United States
On July 25, 2019, New York Governor Andrew Cuomo signed the Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act”), making key changes to New York’s data breach notification and cybersecurity laws....more
7/30/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
New Legislation ,
Notice Requirements ,
Personally Identifiable Information ,
Popular ,
State and Local Government ,
State Data Breach Notification Statutes
Taking affirmative steps to protect sensitive IT information from disclosure during litigation is critical prior to, during and after cybersecurity incidents. Counsel and IT professionals can apply recent commentary from the...more
Since 2010, Massachusetts has required organizations that collect personal data about Massachusetts residents to implement a comprehensive written information security program (“WISP”) designed to avoid and respond to data...more