On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) released proposed rules regarding public companies’ reporting of (i) cybersecurity incidents, (ii) policies and procedures for identifying and managing...more
As 2022 draws to a close, it is important to keep in mind that key state-level regulations on consumer and employee data privacy will become effective as soon as 2023 begins. Data security measures, personal data processing...more
On July 8, 2022, the U.S. Department of Justice announced a $9 million settlement with federal government contractor Aerojet Rocketdyne, Inc. for alleged violations of the False Claims Act (FCA) in a case pending in the...more
On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed a number of new rules to enhance public companies’ reporting of (i) cybersecurity incidents, (ii) their policies and procedures for identifying and...more
3/17/2022
/ Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 8-K ,
Policies and Procedures ,
Popular ,
Proposed Rules ,
Publicly-Traded Companies ,
Regulation S-K ,
Risk Management ,
Securities and Exchange Commission (SEC)
On October 6, 2021, the Department of Justice (DOJ) announced a new Civil Fraud Cyber Initiative to “combine the department’s expertise in civil fraud enforcement, government procurement and cybersecurity to combat new and...more
On May 12, 2021, President Biden signed an executive order (EO) mandating that the federal government significantly improve cybersecurity within its networks and modernize federal cyber defenses. The EO acknowledges that the...more
Data privacy is a top concern for many in-house legal professionals – and for good reason – data privacy and cybersecurity legal requirements are complex and continually evolving. Data Privacy Day is a great day to start...more
Two weeks ago we wrote about proposed legislation, The COVID-19 Consumer Data Protection Act of 2020 (“CCDPA”), introduced by a group of senior Republican senators, which was designed to address privacy issues arising in the...more
As the federal, state, and local governments and industry grapple with how to respond to and prevent the spread of COVID-19, a group of senior Republican senators recently announced consumer privacy legislation designed to...more
The global coronavirus pandemic continues on, and the cyberattacks and scams continue to multiply. In the midst of the pandemic, hackers are capitalizing on fears surrounding the outbreak by crafting COVID-19-themed attacks...more
Gov. Jerry Brown signed California Consumer Privacy Act of 2018, which grants California residents unprecedented control over the collection, use, and sale of personal information. Many have already speculated that other...more
On April 25, the Securities and Exchange Commission announced a settlement with Yahoo that constituted its first enforcement action against a public company for failing to disclose a data breach.
This settlement...more
Last week, as previously reported, the U.S. Securities and Exchange Commission (SEC) unanimously voted to approve additional guidance for reporting cybersecurity risks. The release of this guidance underscores the SEC’s...more
U.S. Department of Defense (DoD) contractors face new cybersecurity compliance requirements, including a significant deadline set for December 31, 2017.
Most DoD contracts now include clauses imposing obligations on...more
July 1, 2017 The impact from the recent Petya/NotPetya ransomware attack — or what was reported as a ransomware attack but now appears to be something even more damaging — continues to spread around the globe, with several...more
Several cybersecurity firms and news outlets are reporting a new major cyberattack spreading across the globe. The attack, which is still developing and appears to have hit the UK first, is being described as a “global...more
On Friday, May 12, 2017, a massive ransomware attack swept across the globe. As of the date of this post, the attack reportedly had infected more than 100,000 organizations in 150 countries. The attack continues to propagate...more
Our Data Privacy and Security team is currently assisting multiple clients in responding to nearly identical fraudulent requests for IRS Form W-2 information. Significantly, these clients are in a number of industries and are...more
Throughout the past several years, data privacy and security practices have evolved into more than just defending against identity theft and protecting sensitive data. In fact, since 2014, to help raise awareness for data...more
1/31/2017
/ Acquisitions ,
Big Data ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Financial Services ,
EU ,
EU-US Privacy Shield ,
FFIEC ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
International Data Transfers ,
Mergers ,
NIST ,
OCIE ,
Popular ,
Ransomware ,
Spokeo v Robins
Part 1 of this two part series laid out the state of the industry regarding ransomware. In Part 2, this post will examine what steps to take, or not to take, during and after a ransomware attack.
“We’ve Been Hit – Now...more
The Federal Trade Commission (FTC) is conducting a three-part fall conference workshop on select technology issues. The first conference was held on September 7th about ransomware. The second conference was held on October...more
It seems as if every day there is a new report of a data breach or cyber attack. For the same reason that Willie Sutton robbed banks — “because that’s where the money is” — cyber criminals have been incessant in their...more
After the decision of October 6, 2015, of the Court of Justice of the EU (CJEU) invalidating the decision from the EU Commission (Decision 2000/520) on the Safe Harbor, transfer of personal data to the U.S. based on Standard...more
10/16/2015
/ Cybersecurity ,
Data Protection Authority ,
Edward Snowden ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
Germany ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
On September 29, 2015, Commodity Futures Trading Commission (CFTC) Chairman Timothy Massad delivered a “State of the Derivatives Marketplace” speech before the 3rd Annual OTC Derivative Summit North America. The speech...more
10/8/2015
/ Banking Sector ,
CFTC ,
Covered Entities ,
Cybersecurity ,
Derivatives ,
Derivatives Clearing Organizations ,
Market Participants ,
Regulatory Standards ,
Risk Assessment ,
Risk Management ,
Swap Data Repositories
There once existed a time when a crew of skydiving surfers could throw on surprisingly well crafted ex-president masks, stroll into a cash-heavy bank and rob the institution blind. There was a time when the weapon of choice...more