Jeremy Berkowitz on Risk Management

SEC Cybersecurity Incident Disclosure Report

Paul Hastings released its SEC Cyber Incident Disclosure Report today, providing a unique look at how public companies have responded to new incident disclosure requirements. The Securities Exchange Commission (SEC) approved...more

12/19/2024 / Compliance , Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Form 10-K , Form 10-Q , Form 8-K , Publicly-Traded Companies , Ransomware , Risk Management , Securities and Exchange Commission (SEC) , Whistleblowers

DOJ to Evaluate AI Compliance Programs

The Department of Justice (DOJ) recently raised the stakes for businesses under investigation who use artificial intelligence (AI). The Evaluation of Corporate Compliance Program (ECCP) outlines the criteria to be considered...more

10/10/2024 / Artificial Intelligence , Compliance , Corporate Governance , Department of Justice (DOJ) , Emerging Technologies , EU , Risk Assessment , Risk Management

NYDFS Releases Major Update to Part 500 Cybersecurity Requirements for Financial Services Companies

The New York Department of Financial Services (NYDFS) adopted a long-expected amendment to its Part 500 Cybersecurity Regulations (Part 500) this week. These are the first significant changes to Part 500 since its inception...more

11/2/2023 / Amended Regulation , Chief Information Security Officer (CISO) , Cybersecurity , Data Protection , Financial Institutions , Financial Services Industry , NYDFS , Risk Assessment , Risk Management

SEC Cyber Rules Published in Federal Register

The SEC’s Cybersecurity Risk Management Strategy, Governance, and Incident Disclosure Rules were officially published in the Federal Register on August 4, 2023 and go into effect on September 5, 2023....more

8/4/2023 / Cyber Incident Reporting , Cybersecurity , Data Breach , Disclosure Requirements , Federal Register , National Security , Risk Management , Securities and Exchange Commission (SEC)

The SEC Adopts Cybersecurity Disclosure Regime for Public Companies

On July 26, 2023, the U.S. Securities and Exchange Commission adopted enhanced disclosure requirements regarding cybersecurity risk management, strategy, governance and incident reporting for public companies. The final rules...more

7/28/2023 / Cybersecurity , Disclosure Requirements , Form 8-K , Guidance Update , Publicly-Traded Companies , Risk Assessment , Risk Management , Securities and Exchange Commission (SEC)

NYDFS Proposes Further Changes to Part 500 Rules

The New York Department of Financial Services (“NYDFS”) released a “revised proposed second amendment” on June 28 that makes further changes to its Cybersecurity Regulation (“23 NYCRR Part 500”). Part 500 was first enacted in...more

7/6/2023 / Cybersecurity , Cybersecurity Framework , Data Protection , Financial Institutions , Financial Services Industry , NYDFS , Risk Assessment , Risk Management

SEC Delays Finalized Cybersecurity Rules until Fall 2023

Based on recent changes to its rulemaking agenda, the Securities Exchange Commission has postponed the much anticipated release of its final rules for Cybersecurity Risk Management, Strategy, Governance and Incident...more

6/29/2023 / Cybersecurity , Disclosure Requirements , Information Governance , Risk Management , Rulemaking Process , Securities and Exchange Commission (SEC)

The Board is Set: Preparing for the SEC’s Upcoming Cybersecurity Rules

It has been a full year since the initial comment period closed on the Securities and Exchange Commission’s (“SEC”) proposed rule on cybersecurity disclosure, governance, and risk management for public companies (the...more

5/16/2023 / Cybersecurity , Data Protection , Incident Response Plans , Information Governance , Information Technology , Policies and Procedures , Risk Management , Securities and Exchange Commission (SEC)

Jeremy Berkowitz

Paul Hastings LLP

Popular Topics by This Author

Latest Posts › Risk Management