On Thursday, February 20, the U.S. Securities and Exchange Commission (“SEC”) announced that it created a Cyber and Emerging Technologies Unit (“CETU”) to combat cyber-focused financial misconduct. The announcement reflects a...more
On July 26, 2023, the U.S. Securities and Exchange Commission (the “Commission”) adopted final rules on cybersecurity risk management, strategy, governance, and incident disclosure by a split vote of 3-2. While the...more
On July 29, 2022, the New York Department of Financial Services (“NYDFS”) released Draft Amendments to its Part 500 Cybersecurity Rules, which propose substantial new obligations for the cybersecurity programs of companies...more
On March 9, 2022, the Securities and Exchange Commission (SEC) proposed rules intended to enhance and standardize public company disclosures regarding cybersecurity risk management, strategy, governance, and incident...more
On June 15, the Securities and Exchange Commission announced a settlement with First American Financial Corporation for what the SEC found were inadequate disclosure controls and procedural violations, revealed in connection...more
The New York Department of Financial Services’ (DFS) cybersecurity regulation imposes significant requirements on financial services companies doing business in New York. DFS, which enforces the regulation, has remained...more
This past Friday, March 1, 2019, marked the second anniversary and final effective date of the New York Department of Financial Services (DFS)’s cybersecurity regulation. Since its enactment, regulated institutions, subject...more