The Cyber Incident Reporting for Critical Infrastructure Act (“CIRCIA” or “the Act”) is a new federal law, adopted in March 2022, which requires critical infrastructure entities to report certain cybersecurity incidents and...more
7/1/2022
/ Compliance ,
Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Enforcement ,
New Legislation ,
Ransomware ,
Reporting Requirements
The New York Department of Financial Services (“DFS”) is turning up the heat on cybersecurity once again. During its first-ever Cybersecurity Symposium on March 29, DFS announced a series of new measures that will require...more
A significant expansion of rules relating to cybersecurity risks - particularly for the financial sector - is under consideration by the Securities and Exchange Commission (SEC).
In public remarks last week, SEC Chair...more
2/1/2022
/ Alternative Trading System (ATS) ,
Broker-Dealer ,
Covered Entities ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Disclosure Requirements ,
Financial Services Industry ,
Investment Adviser ,
Investment Companies ,
MSRB ,
Proposed Rules ,
Publicly-Traded Companies ,
Regulation S-P ,
Regulation SCI ,
Securities and Exchange Commission (SEC)
The New York Department of Financial Services (NYDFS) recently announced the resolution, through Consent Order, of its third enforcement action against entities subject to the agency’s Cybersecurity Regulations (“Cyber...more
The New York Department of Financial Services (NYDFS) has announced its second regulatory enforcement action against a regulated entity (a New York licensed mortgage banker and loan servicer) for violating NYDFS’s...more
3/31/2021
/ Consent Order ,
Cybersecurity ,
Data Breach ,
Enforcement Actions ,
Financial Services Industry ,
Mortgage Lenders ,
Mortgage Servicers ,
Multi-Factor Authentication ,
NYDFS ,
Popular ,
Regulatory Violations ,
Reporting Requirements