The SEC’s high-profile litigation against SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, reached a critical turning point on July 18, 2024, when a district court in the Southern District of...more
The SEC’s Director of Corporation Finance, Erik Gerding, recently issued two statements regarding a public company’s disclosure obligations in response to a cybersecurity incident. These remarks follow the adoption of the...more
6/27/2024
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement ,
Form 8-K ,
Publicly-Traded Companies ,
Regulatory Requirements ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
SolarWinds ,
Technology
On Thursday morning, the Supreme Court issued its decision in FDA v. Alliance for Hippocratic Medicine. Justice Kavanaugh wrote for a unanimous Court dismissing the Alliance for Hippocratic Medicine from the case for lack of...more
6/14/2024
/ Abortion ,
Alliance for Hippocratic Medicine v Food and Drug Administration ,
Article III ,
FDA Approval ,
Food and Drug Administration (FDA) ,
Patient Access ,
Pharmaceutical Industry ,
Prescription Drugs ,
Reproductive Healthcare Issues ,
SCOTUS ,
Standing
The SEC’s high-profile litigation against SolarWinds and its Chief Information Security Officer (CISO), Timothy Brown, reached a critical juncture on May 15, 2024, when the parties presented oral arguments before Judge Paul...more
On May 7, 2024, the White House Office of the National Cyber Director (ONCD) released several reports on the United States’ cybersecurity posture and strategic plan. These documents implement the 2023 National Cybersecurity...more
5/15/2024
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Legislative Agendas ,
New Legislation ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Strategic Planning
This CLE will demystify the political and economic responses of the US, UK, EU, and their allies to the key geopolitical conflicts that continue to spark around the world in 2024—from Russia to China, semiconductors to...more
On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA), an operational component of the Department of Homeland Security (DHS), posted for public inspection its long-anticipated notice of proposed...more
4/3/2024
/ Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Retention ,
Enforcement ,
Information Sharing ,
New Rules ,
Proposed Rules ,
Recordkeeping Requirements ,
Reporting Requirements
On February 28, 2024, President Biden issued Executive Order 14117 on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (the EO). The EO empowers...more
3/7/2024
/ Biden Administration ,
Cross-Border Transactions ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Brokers ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Executive Orders ,
National Security ,
Office of Foreign Assets Control (OFAC) ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Sensitive Personal Information
On February 26, 2024, the National Institute of Standards and Technology (NIST), an agency within the U.S. Department of Commerce, released Version 2.0 of its Cybersecurity Framework (CSF), the first major update since its...more
In 2017, the New York Department of Financial Services (“NYDFS”) enacted a landmark regulation requiring financial services institutions such as banks and insurance companies in the state to meet substantial cybersecurity...more
11/8/2023
/ Banking Sector ,
Covered Entities ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
NYDFS ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management
This week, the SEC filed a high-profile litigation asserting fraud and internal controls charges against software company SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, in connection with...more
11/3/2023
/ CFOs ,
Chief Information Security Officer (CISO) ,
Corporate Counsel ,
Corporate Governance ,
Corporate Officers ,
Cybersecurity ,
Information Security ,
Information Technology ,
Popular ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Securities Litigation ,
Securities Violations ,
Security Breach
Jenner & Block is proud to host its inaugural Realty Rendezvous, a comprehensive half-day program designed to promote conversations about the industry. At four different panels, top minds in the industry will discuss trends...more
10/27/2023
/ Best Practices ,
Cybersecurity ,
Data Privacy ,
Events ,
Eviction ,
Hospitality Industry ,
Incident Response Plans ,
Landlords ,
Property Owners ,
Real Estate Market ,
Tenants ,
Vacant Properties
On July 25, 2023, the US Securities and Exchange Commission (the SEC), by a 3-2 vote, adopted final rules regarding cybersecurity risk management, strategy, governance and incident reporting by public companies (the Final...more
8/7/2023
/ Compliance ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Privacy ,
Disclosure Requirements ,
FCC ,
Filing Deadlines ,
Final Rules ,
Popular ,
Proposed Rules ,
Publicly-Traded Companies ,
Reporting Requirements ,
Required Forms ,
Securities and Exchange Commission (SEC) ,
XBRL Filing Requirements
On July 13, 2023, the White House published the National Strategy Implementation Plan (the Implementation Plan). According to the White House, the Implementation Plan is a “roadmap to realize” the mission of the National...more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
7/11/2023
/ Amended Rules ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Disclosure Requirements ,
Enforcement Actions ,
Financial Institutions ,
Incident Response Plans ,
Personal Data ,
Policies and Procedures ,
Publicly-Traded Companies ,
Risk Management ,
Securities and Exchange Commission (SEC)
Medication abortions using mifepristone and misoprostol now account for more than half of all abortions performed in the United States today. In the post-Dobbs era, medication abortion is critical to reproductive rights...more
As cyber-attacks and data breaches pose an increasing threat to market participants, the US Securities and Exchange Commission (“SEC”) has become increasingly focused on the cyber risks to the public and the market at large....more
3/29/2023
/ Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Financial Institutions ,
Personal Information ,
Policies and Procedures ,
Proposed Amendments ,
Risk Management ,
Securities and Exchange Commission (SEC)
On March 1, 2023, the White House released a new National Cybersecurity Strategy (the Strategy) documenting the Biden-Harris administration’s approach to improving cybersecurity across the digital ecosystem. The Strategy...more
The Federal Trade Commission (FTC) recently filed a complaint against a data broker alleging that the collection and sale of precise location data significantly harms consumers, especially if the data contains information...more
9/14/2022
/ Biden Administration ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Sellers ,
Dobbs v. Jackson Women’s Health Organization ,
Federal Trade Commission (FTC) ,
Healthcare ,
Location Data ,
Privacy Concerns ,
Roe v Wade ,
SCOTUS
Working in partnership with abortion service providers and civil liberties groups, a Jenner & Block team filed a lawsuit in Florida to block the implementation of a new state law that would ban abortion after 15 weeks of...more
6/3/2022
/ Abortion ,
American Civil Liberties Union (ACLU) ,
Civil Liberties ,
Florida ,
Healthcare ,
Healthcare Reform ,
Human Rights ,
Injunctions ,
Patient Access ,
Pro Bono ,
Right-To-Access ,
State Constitutions ,
Women's Rights
On May 19, 2022, the Department of Justice (DOJ) issued revisions to its existing policy for charging offenses under the Computer Fraud and Abuse Act (CFAA) (2022 CFAA Policy). The revisions state that “good-faith” security...more
On March 15, 2022, President Biden signed into law the “Cyber Incident Reporting for Critical Infrastructure Act of 2022” (the Act) as part of the 2022 federal funding bill.
Among other things, the Act requires critical...more
3/18/2022
/ Biden Administration ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Federal Breach Notification Standard ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
New Legislation ,
Ransomware ,
Regulatory Reform ,
Regulatory Requirements
Last week, the SEC proposed rule amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The proposed rules include an...more
In the nearly three weeks since Russia’s invasion of Ukraine, over 30 countries continue to increase their sanctions targeting Russian individuals, financial institutions, exports of technology, and key sectors of the Russian...more
3/14/2022
/ Asset Freeze ,
Biden Administration ,
Blocked Person ,
Economic Sanctions ,
Export Controls ,
Financial Transactions ,
Foreign Policy ,
Foreign Relations ,
Foreign Trade Regulations ,
Military Conflict ,
National Security ,
Office of Foreign Assets Control (OFAC) ,
Russia ,
SDN List ,
Ukraine ,
Vladimir Putin
In a speech to the Securities Regulation Institute conference last week, Chair Gary Gensler signaled the SEC may implement more stringent cybersecurity regulations, and in the meantime, would work to enforce existing...more