Host Gregg N. Sofer welcomes Husch Blackwell’s Erik Dullea to the podcast to explore how human error factors into cybersecurity efforts. Most data breaches trace back to some form of human error, and an approach to...more
Key Point: The FCC revised its breach notification rules for telecommunication providers to broaden the instances when notifications are required, but even with limited exceptions to the new requirements, the final rule...more
Key Point: The Federal Trade Commission (FTC) has amended the Safeguards Rule to require non-banking financial institutions to inform the FTC within 30 days of discovering any unauthorized acquisition of unencrypted customer...more
10/31/2023
/ Amended Rules ,
Board of Governors ,
Breach Notification Rule ,
Cyber Incident Reporting ,
Data Breach ,
Data Security ,
Dodd-Frank ,
FDIC ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
GLBA Privacy ,
Gramm-Leach-Blilely Act ,
Non-Public Information ,
NYDFS ,
OCC ,
Safeguards Rule ,
Securities and Exchange Commission (SEC)
Host Gregg N. Sofer welcomes Husch Blackwell partner Erik Dullea to the podcast where we discuss risk management, strategy, governance, and incident disclosure in the context of the Security and Exchange Commission’s recently...more
Key Point: The decision making processes to determine whether a cybersecurity incident is material or not, should include documenting the factors behind each determination and should be practiced before an incident...more
8/23/2023
/ Cyber Incident Reporting ,
Cybersecurity ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Form 8-K ,
Information Technology ,
Policies and Procedures ,
Publicly-Traded Companies ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
Part I of this blog series discussed the compliance dates and the new definitions in the U.S. Securities Exchange Commission’s (the “SEC”) final rules (the “adopting release”) for cybersecurity disclosures. In Part II, we...more
Key Point: To avoid inadvertently increasing enforcement and litigation risks, companies should consider these suggestions to minimize headaches with the SEC’s final rules that mandate (a) disclosures in annual report of...more