On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Act”) as part of an omnibus appropriations bill. The Act compels “covered entities” — companies in...more
4/7/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Justice (DOJ) ,
False Claims Act (FCA) ,
FBI ,
Popular ,
Proposed Rules ,
Securities and Exchange Commission (SEC)
As criminal cyberattacks and ransomware attacks on critical infrastructure increase, companies may experience significant business disruptions. Ransomware and cyberattacks may prevent companies from fulfilling contractual...more
Recent ransomware attacks against U.S. critical infrastructure, which includes the energy sector’s production of oil and natural gas, and other sources of electricity and power, have shed a spotlight on the importance of...more
5/13/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Incident Response Plans ,
International Emergency Economic Powers Act (IEEPA) ,
NIST ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
Risk Mitigation ,
Trading with the Enemy Act
Ransomware has risen to “worst nightmare” status for many organizations, particularly in the healthcare industry. While it has been lurking for many years, recently ransomware has emerged as one of the most virulent...more
11/9/2020
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
FBI ,
Health Care Providers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Hospitals ,
Incident Response Plans ,
Personal Information ,
Popular ,
Ransomware
Ransomware has emerged as one of the most virulent cybersecurity risks, affecting public and private sector alike. In recent years, ransomware attacks have become more focused, sophisticated, costly, and numerous. Threat...more
10/15/2020
/ Civil Monetary Penalty ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Security ,
Economic Sanctions ,
FBI ,
International Emergency Economic Powers Act (IEEPA) ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
SDN List ,
U.S. Treasury
The New York Department of Financial Services’ (DFS) cybersecurity regulation imposes significant requirements on financial services companies doing business in New York. DFS, which enforces the regulation, has remained...more
In a paper published last month,[i] the UK’s Financial Conduct Authority (“FCA”) set out various cybersecurity insights gleaned from the work of cyber coordination groups (“CCGs”) the regulator established in 2017. The...more
4/4/2019
/ Bank of England ,
Banking Sector ,
Corporate Governance ,
Cyber Threats ,
Cybersecurity ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
Investment Management ,
Popular ,
Prudential Regulation Authority (PRA) ,
UK
This past Friday, March 1, 2019, marked the second anniversary and final effective date of the New York Department of Financial Services (DFS)’s cybersecurity regulation. Since its enactment, regulated institutions, subject...more
The CCPA is an unprecedented privacy law that grants California residents sweeping rights concerning the collection and use of their information. Once the law becomes effective on January 1, 2020, covered businesses can...more
2/14/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Covered Entities ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Disclosure Requirements ,
General Data Protection Regulation (GDPR) ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Privacy Policy
On February 21, 2018, the Securities and Exchange Commission (“SEC”) published interpretive guidance on public company cybersecurity disclosures. While the new guidance confirms the SEC’s intensified focus on cybersecurity...more
In September 2016, the New York Department of Financial Services (“DFS”) introduced the first draft of its cybersecurity regulation, which is now in a position to lead a new trend in industry-specific cybersecurity...more
On May 11, 2017, President Trump signed a long-awaited Executive Order that aims to bolster the cybersecurity of federal networks and critical infrastructure. In an effort to fulfill the President’s promise to get “tough on...more
On October 25, the U.S. Department of Treasury’s Financial Crimes Enforcement Network (“FinCEN”) published an Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime and an accompanying Frequently Asked...more
The European Parliament gave final approval to the Network and Information Security Directive (“Directive”), the first-ever EU-wide cybersecurity standards, on July 6, 2016. The Directive seeks to improve the cybersecurity...more