Covered financial institutions now face heightened expectations in relation to cybersecurity governance, risk assessment, and incident reporting.
The New York State Department of Financial Services’ (DFS) amendments (the...
Cybersecurity incidents pose legal challenges for in-house counsel, alongside their technical implications. This overview highlights key aspects that legal departments must know when reacting to data breaches.
The National Highway Traffic Safety Administration’s updated guidance encourages auto industry suppliers and manufacturers to consider cybersecurity a top organizational priority.
On September 9, 2022, the National...
Companies should take steps now to prepare for the new rules and expectations.
The US government continues to expand regulatory requirements around notification and disclosure of major cyberattacks or incidents. ...
President Biden signed an executive order to bolster the federal government’s cybersecurity posture on May 12. The order focuses on implementing vital improvements to networks of federal departments and agencies, many of...
6/9/2021 / Biden Administration, Cyber Attacks, Cybersecurity, Cybersecurity Information Sharing Act (CISA), Executive Orders, Federal Acquisition Regulations (FAR), Federal Contractors, Government Agencies, National Security, Notice Requirements, Risk Assessment, Risk Management
With the new administration poised to take office, public and private companies will need to consider how President Biden’s regulatory, enforcement, and legislative priorities will affect their businesses. During this...
2/17/2021 / Administrative Law Judge (ALJ), Antitrust Provisions, Biden Administration, Broadband, CFIUS, Climate Change, Commodities, Congressional Oversight, Cybersecurity, Data Privacy, Energy Policy, Energy Sector, Environmental Policies, FCC, Health Care Providers, Investigations, Legislative Agendas, Life Sciences, Net Neutrality, Regulatory Agenda, Sanctions, Securities Regulation, White Collar Crimes
US regulators are calling attention to financial firms’ obligations to protect against evolving cybersecurity threats.
On October 2, 2019, the Financial Industry Regulatory Authority (FINRA) issued an information notice to...
11/26/2019 / Business E-Mail Compromise (BEC), CFTC, Cyber Attacks, Cyber Threats, Cybersecurity, Data Protection, Data Security, Enforcement Actions, Financial Industry Regulatory Authority (FINRA), Information Systems Security Program (ISSP), National Futures Association, New Guidance
Ninth hearing on Competition and Consumer Protection in the 21st century highlights challenges of addressing persistent threats to data security.
On December 11 and 12, the Federal Trade Commission (the FTC or the...
What directors really need to know about the SEC guidance that has generated so much chatter.
With so much boardroom attention on cybersecurity, directors continue to focus on the Securities and Exchange Commission (SEC)...
As of December 31, 2017, many United States government contractors face a new compliance requirement involving cybersecurity. This requirement will govern most new Department of Defense (DoD) contracts and, significantly,...
12/26/2017 / Bid Protests, Breach of Contract, Cybersecurity, Data Protection, Data Security, Department of Defense (DOD), DFARS, False Claims Act (FCA), Federal Contractors, NIST, Popular
The DFARS final rule requires contractors to safeguard information systems and imposes investigation and reporting requirements in the case of cyber incidents.
As of December 31, 2017, many United States government...
Trump Administration’s required cybersecurity assessments provide potential for new round of public-private collaboration.
The Trump Administration recently issued a much anticipated Executive Order (EO) addressing...
The Trump Administration has issued a much anticipated Executive Order (EO), “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” directing federal executive agency heads to undertake various...
The revised regulations eliminate many of the categorical requirements in the original proposal and instead adopt a more risk-based approach.
On December 28, 2016, the New York State Department of Financial Services...
Comments submitted on the proposed regulations criticize the lack of a risk-based approach, overbroad definitions, potential extraterritorial implications, an excessive breach notification threshold and a daunting annual...
The Standing Committee of the National People’s Congress of the People’s Republic of China (PRC) has introduced China’s first and comprehensive Network Security Law (also referred to as Cybersecurity Law). The law will have...
The law will have far-reaching implications for parties that utilize the Internet and handle network data and personal information in the PRC.
On November 7, 2016, the Standing Committee of the National People’s Congress...
Hacking of organizations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...
Hacking of organisations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...
Preparing for and rehearsing how to respond to a breach is as important as improving security systems and protocols.
Hacking of organizations’ systems is becoming increasingly commonplace, even with advancements in...