No Password Required: LIVE From Sunshine Cyber Con
Corruption, Crime and Compliance : Cybersecurity and Compliance: The Growing Partnership of CISOs and CCOs
Episode 282 -- CISO and CCOs -- The Evolving Partnership
Compliance Into The Weeds - HanesBrands Cyber Security Breach Disclosure
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
Cyberside Chats: Don’t silo your risk from legal (with Ingrid Rodriguez)
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Marti Arvin and Anthony Buenger on the CMMC Framework
The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more
Let’s role-play the title “Chief Information Security Officer” (CISO) as various chess pieces, each representing different aspects of the challenges and responsibilities faced in this critical position. Examining these...more
The SEC on Oct. 22, 2024, announced charges against four companies for allegedly making materially misleading disclosures concerning the impact of cybersecurity incidents associated with the compromised SolarWinds' Orion...more
Our corporate team outline the latest developments within the corporate and finance market in Bermuda including Bermuda’s Corporate Income Tax Act 2023, Cyber risk management and The Bermuda Monetary Authority's enhancements...more
Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more
The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more
On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more
On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
On July 18, Judge Paul Engelmayer of the Southern District of New York issued a lengthy order dismissing the majority of the SEC’s enforcement case against SolarWinds Corporation (SolarWinds) and its CISO, Timothy Brown. The...more
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
Managing these risks at a single company should be straightforward. Executives and CISOs may be personally held accountable for cyber failings, negligence, breaches, and inadequate disclosure around cyber vulnerabilities and...more
A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth...more
On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial...more
Partner and co-head of Skadden’s Cybersecurity and Data Privacy practice David Simon recently sat down with two chief information security officers (CISOs) from the private equity sector as part of the firm’s National Cyber...more
This week, the SEC filed a high-profile litigation asserting fraud and internal controls charges against software company SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, in connection with...more
Any time a regulation is put forth, there is always a level of uncertainty, especially regarding understanding the roles and responsibilities of key business leaders. The SEC’s new cybersecurity final rule means heightened...more
The SEC, by a 3-2 vote, has adopted new rules requiring companies to provide: ..current disclosure on Form 8-K within four business days of determining that a material cybersecurity incident has occurred; and ...more
Clearly defined roles and responsibilities are an essential component of an effective compliance program. Failure to adequately assign responsibility can lead to gaps in compliance coverage and a lack of accountability. ...more
Most chief compliance officers (CCOs) are not technology experts, just as chief information security officers (CISOs) are not regulatory compliance experts. But as a strategic partnership, these two functions play an...more
As our business environment becomes more complex and regulated, it is crucial for organizations to stay on top of their risk and compliance priorities. In this webinar, leaders in compliance and statistical research will...more
ChatGPT really is a marvelous technology – an artificial intelligence designed to answer just about any question a person might ask it – and yet, somehow, it leaves CISOs and compliance officers with even more questions....more
The Bermuda Monetary Authority published the revised Operational Cyber Risk Management Code of Conduct (the “Cyber Risk Code”) for corporate service providers, trust companies, money services businesses, investment...more