On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Act”) as part of an omnibus appropriations bill. The Act compels “covered entities” — companies in...more
4/7/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Justice (DOJ) ,
False Claims Act (FCA) ,
FBI ,
Popular ,
Proposed Rules ,
Securities and Exchange Commission (SEC)
As criminal cyberattacks and ransomware attacks on critical infrastructure increase, companies may experience significant business disruptions. Ransomware and cyberattacks may prevent companies from fulfilling contractual...more
Recent ransomware attacks against U.S. critical infrastructure, which includes the energy sector’s production of oil and natural gas, and other sources of electricity and power, have shed a spotlight on the importance of...more
5/13/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Incident Response Plans ,
International Emergency Economic Powers Act (IEEPA) ,
NIST ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
Risk Mitigation ,
Trading with the Enemy Act
BlackRock Doubles Down on Sustainability -
• BlackRock signals substantially more assertive posture on climate-related issues
• New approach to shareholder proposals saw BlackRock support 54% of environmental and social...more
4/23/2021
/ Benchmarking ,
BlackRock ,
Climate Change ,
Coronavirus/COVID-19 ,
Diversity and Inclusion Standards (D&I) ,
EEO-1 ,
Environmental Social & Governance (ESG) ,
Institutional Shareholder Services (ISS) ,
Investment ,
Securities and Exchange Commission (SEC) ,
State Street ,
Sustainability ,
Transparency ,
Vanguard
Ransomware has risen to “worst nightmare” status for many organizations, particularly in the healthcare industry. While it has been lurking for many years, recently ransomware has emerged as one of the most virulent...more
11/9/2020
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
FBI ,
Health Care Providers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Hospitals ,
Incident Response Plans ,
Personal Information ,
Popular ,
Ransomware
Ransomware has emerged as one of the most virulent cybersecurity risks, affecting public and private sector alike. In recent years, ransomware attacks have become more focused, sophisticated, costly, and numerous. Threat...more
10/15/2020
/ Civil Monetary Penalty ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Security ,
Economic Sanctions ,
FBI ,
International Emergency Economic Powers Act (IEEPA) ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
SDN List ,
U.S. Treasury
GDPR, the key piece of European privacy law, sets out strict controls on the transfer of personal data from the EU to non-EU jurisdictions and makes it unlawful to transfer personal data from the EU to a non-EU based...more
As the patchwork of state and local stay-at-home restrictions lighten, organizations are exploring safe return-to-work options, including the use of contact-tracing mobile apps for employees while on company premises. Such a...more
6/16/2020
/ Americans with Disabilities Act (ADA) ,
Applications ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
COVID-19 Consumer Data Protection Act ,
Data Collection ,
Employee Privacy Rights ,
Equal Employment Opportunity Commission (EEOC) ,
OSHA ,
Smartphones ,
Virus Testing ,
Workplace Safety
As greater amounts of data are being collected to track and mitigate the spread of COVID-19, concerns about personal privacy have led lawmakers in Congress from both parties to introduce legislation to ensure appropriate...more
The New York Department of Financial Services’ (DFS) cybersecurity regulation imposes significant requirements on financial services companies doing business in New York. DFS, which enforces the regulation, has remained...more
New York’s State Senate is considering a bill that would impose sweeping new requirements upon companies that collect and process consumer data, including a fiduciary-like duty to protect such data. On May 9, 2019, New York...more
In a paper published last month,[i] the UK’s Financial Conduct Authority (“FCA”) set out various cybersecurity insights gleaned from the work of cyber coordination groups (“CCGs”) the regulator established in 2017. The...more
4/4/2019
/ Bank of England ,
Banking Sector ,
Corporate Governance ,
Cyber Threats ,
Cybersecurity ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
Investment Management ,
Popular ,
Prudential Regulation Authority (PRA) ,
UK
Businesses in California and around the country have taken notice of the twists and turns taken so far concerning the passage of the CCPA. The California legislature passed the CCPA as an alternative to an even stricter...more
This past Friday, March 1, 2019, marked the second anniversary and final effective date of the New York Department of Financial Services (DFS)’s cybersecurity regulation. Since its enactment, regulated institutions, subject...more
The CCPA is an unprecedented privacy law that grants California residents sweeping rights concerning the collection and use of their information. Once the law becomes effective on January 1, 2020, covered businesses can...more
2/14/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Covered Entities ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Disclosure Requirements ,
General Data Protection Regulation (GDPR) ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Privacy Policy
On February 21, 2018, the Securities and Exchange Commission (“SEC”) published interpretive guidance on public company cybersecurity disclosures. While the new guidance confirms the SEC’s intensified focus on cybersecurity...more
In September 2016, the New York Department of Financial Services (“DFS”) introduced the first draft of its cybersecurity regulation, which is now in a position to lead a new trend in industry-specific cybersecurity...more
On July 10, 2017, the Consumer Financial Protection Bureau (CFPB) announced a final Rule banning the use of class action waivers in a broad range of consumer finance agreements. The Rule, which was expected in light of prior...more
7/13/2017
/ Arbitration ,
Arbitration Agreements ,
Class Action ,
Class Action Arbitration Waivers ,
Consumer Contracts ,
Consumer Financial Products ,
Consumer Financial Protection Bureau (CFPB) ,
Dodd-Frank ,
Financial Institutions ,
Financial Services Industry ,
Mandatory Arbitration Clauses
On May 11, 2017, President Trump signed a long-awaited Executive Order that aims to bolster the cybersecurity of federal networks and critical infrastructure. In an effort to fulfill the President’s promise to get “tough on...more
With the beginning of the 2016 tax season, employers should be on high alert for the wave of W-2 spear phishing scams coming their way once again this year. Companies that fall victim to this type of scam likely will be faced...more
Businesses have now had four months to get to grips with the new EU-U.S. Privacy Shield for transatlantic data transfers after it came into force in August 2016. As the New Year looms, what are the emerging trends we have...more
On October 25, the U.S. Department of Treasury’s Financial Crimes Enforcement Network (“FinCEN”) published an Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime and an accompanying Frequently Asked...more
House Financial Services Committee Votes To Repeal And Replace Dodd-Frank -
On September 13th, the House Financial Services Committee approved the Financial CHOICE Act of 2016 to repeal and replace key parts of the 2010...more
10/5/2016
/ Broker-Dealer ,
Class Action ,
Commercial Real Estate Market ,
Consumer Financial Protection Bureau (CFPB) ,
Cyber Threats ,
Dodd-Frank ,
Enforcement Actions ,
Financial Institutions ,
FinTech ,
FSOC ,
OCC ,
Private Equity ,
Securities and Exchange Commission (SEC) ,
Whistleblowers
In May 2016, the Consumer Financial Protection Bureau (“CFPB”) took another step in its effort to ban class action waivers in certain pre-dispute arbitration agreements for consumer financial products and services, formally...more
The highly anticipated Federal Automated Vehicles Policy (AV Policy), released yesterday, provides manufacturers direction on developing safer autonomous cars. In addition, NHTSA has presented a model guide for states on...more