On February 21, 2025, Dubai-based Bybit, one of the world’s leading cryptocurrency exchanges, suffered a massive security breach, resulting in the loss of approximately $1.5 billion in Ethereum (ETH). The incident, which is...more
3/14/2025
/ Anti-Money Laundering ,
Cryptocurrency ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Digital Assets ,
Financial Crimes ,
National Security ,
Popular ,
Regulatory Oversight ,
Securities and Exchange Commission (SEC)
Paul Hastings released its SEC Cyber Incident Disclosure Report today, providing a unique look at how public companies have responded to new incident disclosure requirements. The Securities Exchange Commission (SEC) approved...more
12/19/2024
/ Compliance ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 10-K ,
Form 10-Q ,
Form 8-K ,
Publicly-Traded Companies ,
Ransomware ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Whistleblowers
The California Privacy Protection Agency (CPPA) Board met last week to discuss the latest updates on California Consumer Privacy Act (CCPA) draft regulations for cybersecurity audits, risk assessments, automated...more
The National Institute of Standards and Technology released an updated version of its Cybersecurity Framework, CSF 2.0. earlier this week. The CSF, initially launched in 2014, is a tool developed by NIST to help private...more
Securities and Exchange Commission (SEC) rules regarding cyber incident reporting and cybersecurity risk management, strategy, and governance, officially went into effect this week for most public companies....more
On November 27 2023, the California Privacy Protection Agency (“CPPA”) released the first draft of its automated decision-making (“ADMT”) rules (the “Draft Rules”) for those covered entities that must comply with the...more
New reporting obligations for covered entities under New York Department of Financial Services (NYDFS) Part 500 Cybersecurity Regulations went into effect on December 1, 2023. These new requirements are one portion of the...more
The New York Department of Financial Services (NYDFS) adopted a long-expected amendment to its Part 500 Cybersecurity Regulations (Part 500) this week. These are the first significant changes to Part 500 since its inception...more
The SEC’s Cybersecurity Risk Management Strategy, Governance, and Incident Disclosure Rules were officially published in the Federal Register on August 4, 2023 and go into effect on September 5, 2023....more
On July 26, 2023, the U.S. Securities and Exchange Commission adopted enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and incident reporting for public companies. The final rules...more
The New York Department of Financial Services (“NYDFS”) released a “revised proposed second amendment” on June 28 that makes further changes to its Cybersecurity Regulation (“23 NYCRR Part 500”). Part 500 was first enacted in...more
Based on recent changes to its rulemaking agenda, the Securities Exchange Commission has postponed the much anticipated release of its final rules for Cybersecurity Risk Management, Strategy, Governance and Incident...more
It has been a full year since the initial comment period closed on the Securities and Exchange Commission’s (“SEC”) proposed rule on cybersecurity disclosure, governance, and risk management for public companies (the...more