On April 27, 2021, the New York State Department of Financial Services (“DFS” or the “Department”) released a report regarding its investigation into the response by DFS covered entities to the SolarWinds supply chain attack....more
5/5/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Incident Response Plans ,
Information Technology ,
NYDFS ,
Russia ,
Software ,
SolarWinds ,
Supply Chain ,
Third-Party Service Provider
Ransomware victims face a nearly impossible decision: pay criminals holding their business hostage or refuse and face possible crippling consequences. This decision requires careful analysis of a number of considerations, and...more
2/25/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Incident Response Plans ,
Information Technology ,
New Guidance ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Ransomware
On February 4, the New York Department of Financial Services (NYDFS) released Insurance Circular Letter No. 2 (2021), a Cyber Insurance Risk Framework (Framework) for insurers that write cyber insurance....more
2/17/2021
/ Consumer Insurance Products ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Insurance Regulations ,
NYDFS ,
Popular ,
Risk Management ,
State and Local Government
On January 12, 2021, the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (Board), and the Federal Deposit Insurance Corporation (FDIC) published a Notice of Proposed...more
1/13/2021
/ Cybersecurity ,
Data Breach ,
Data Protection ,
FDIC ,
Federal Breach Notification Standard ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
FRB ,
NPRM ,
OCC ,
Popular ,
Regulatory Requirements
Following promises of increased enforcement, on July 22, 2020, the New York Department of Financial Services (NYDFS) announced the first cybersecurity enforcement action pursuant to its Cybersecurity Regulation, which...more
The Federal Trade Commission (FTC) recently published a paper recapping its December 2017 Informational Injury Workshop. ...more
California continues to be a first mover in privacy in the United States, enacting the US’s toughest and most comprehensive privacy legislation on Thursday, June 28, 2018....more
The U.S. Environmental Protection Agency was created in 1970 to safeguard the environment against pollutants. The tidal wave of environmental regulations that followed impacted every industry in the United States, especially...more
5/10/2018
/ Automated Transportation ,
Automotive Industry ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Storage ,
Data Use Policies ,
Drivers ,
General Data Protection Regulation (GDPR) ,
Manufacturers ,
Motor Vehicles ,
Personal Data ,
Popular ,
Smart Devices ,
Technology Sector
Prompted by concern over the increase in the risks and frequency of data breach incidents and other cyber-attacks affecting public companies, the Securities and Exchange Commission recently published interpretive guidance to...more
3/6/2018
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Financial Statements ,
Insider Trading ,
Interpretive Rule ,
Non-Public Information ,
Publicly-Traded Companies ,
Regulation FD ,
Regulation S-K ,
Risk Management ,
Securities and Exchange Commission (SEC)
Technological vulnerabilities, regulators’ watchful eyes, and personal connections with our vehicles – create a collision course for cyber risk. Partners Harriet Pearson and Tim Tobin dissect these three simple reasons why...more