News & Analysis as of

Cyber Incident Reporting Compliance Today's Popular Updates

Ankura

NIS2: What It Means for Businesses in APAC

Ankura on

NIS2 (Network and Information Systems Directive 2) is the updated version of the NIS Directive, which the EU first introduced in 2016. The original NIS Directive aimed to enhance cybersecurity across member states by...more

King & Spalding

EU DORA: Are you in scope, and if so, how can you prepare?

King & Spalding on

The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

Society of Corporate Compliance and Ethics...

The SEC’s cybersecurity and disclosure rules: The questions compliance pros still have

The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more

Health Care Compliance Association (HCCA)

2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’

Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more

Latham & Watkins LLP

SEC Imposes New Cybersecurity Requirements on BrokerDealers, Investment Companies, Registered Investment Advisers, and Transfer...

Latham & Watkins LLP on

Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. The Securities and Exchange Commission (SEC) recently adopted...more

HaystackID

New Cyber Regulations Define Battle Lines in Corporate and Infrastructure Security

HaystackID on

Amidst an ever-evolving cyber threat landscape, a recent slew of regulatory updates and cybersecurity standards are defining a new battlefront for securing critical infrastructure and corporate data across varying sectors....more

Venable LLP

Preparing for the EU Cyber Resilience Act

Venable LLP on

The European Union (EU) is poised to enact the Cyber Resilience Act (CRA), a comprehensive cybersecurity regulation with major implications for software and connected device manufacturers in the United States and globally....more

Epiq

Four of the Hottest Topics in Cyber Last Year

Epiq on

From large-scale hacks to new rules governing cyber practices, the cyber landscape continues to become more complex. The risk for breaches is higher than ever before. The numbers support this declaration. According to the...more

K&L Gates LLP

DOJ, FBI, and SEC Provide Guidance For Delay Requests Relating to Disclosure of Cybersecurity Incidents Under Form 8-K

K&L Gates LLP on

On 18 December 2023, the new rules of the US Securities and Exchange Commission (SEC) regarding disclosure of material cybersecurity incidents under Item 1.05 of Form 8-K went into effect, requiring companies to report a...more

Bradley Arant Boult Cummings LLP

Network Topology and Mapping: Cornerstones of Data Security – Part 1

Data security is a top concern for organizations in today’s digital landscape. It protects data from unauthorized access, use, modification, or disclosure, and requires implementing technical, administrative, and physical...more

Clark Hill PLC

Incident Reporting: The Newly Proposed Cybersecurity Requirements

Clark Hill PLC on

Last month the Federal Acquisition Regulatory (FAR) Council announced a major proposal regarding cybersecurity incident reporting and information. Comments currently are now due by February 2, 2024....more

Health Care Compliance Association (HCCA)

BA Depicted by OCR as Example of Ransomware Dangers Recovered Quickly, Didn’t Expect Fine

Report on Patient Privacy 23, no. 11 (November, 2023) Tim DiBona clearly remembers Christmas Eve 2018 when the staff of his small firm—Doctors’ Management Service (DMS)—arrived at their West Bridgewater, Mass., office to...more

BakerHostetler

Addressing the SEC’s New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Requirements

BakerHostetler on

In July 2023, the SEC adopted new cybersecurity rules for the stated purpose of enhancing and standardizing disclosures regarding cybersecurity risk management, strategy, governance and incidents by public companies. The...more

Baker Donelson

Show Your Work: The SEC Cyber Rules and Documenting Materiality Analysis Under NIST FIPS 199

Baker Donelson on

The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more

K2 Integrity

SEC’s New Cyber Disclosure Rule: Challenges, Consequences, And Compliance

K2 Integrity on

The U.S. Securities and Exchange Commission’s (SEC) impending cyber disclosure rule, slated to commence on 15 December 2023, underscores an imperative shift towards a more transparent and accountable cybersecurity posture for...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Smith Anderson

Public Companies Get Prepared: SEC Adopts New Cybersecurity Disclosure Rules

Smith Anderson on

The SEC adopted new rules for public companies regarding disclosure of information relating to cybersecurity risk management, strategy, governance, and material incidents. Companies will now be required to disclose...more

Epiq

Breaking Down the New SEC Cybersecurity Rules

Epiq on

On July 26, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules. Organizations will need to disclose material cyber incidents pursuant to a prescribed timeline and information regarding risk...more

Faegre Drinker Biddle & Reath LLP

SEC Adopts New Cybersecurity Rule

On July 26, the Securities and Exchange Commission (“SEC”) finalized a much anticipated rule addressing cybersecurity risk management, strategy, governance, and incident disclosure. Public companies registered with the SEC...more

Jenner & Block

SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure by Public Companies

Jenner & Block on

On July 25, 2023, the US Securities and Exchange Commission (the SEC), by a 3-2 vote, adopted final rules regarding cybersecurity risk management, strategy, governance and incident reporting by public companies (the Final...more

Morrison & Foerster LLP

European Digital Compliance: Key Digital Regulation & Compliance Developments - January 2023

To help organizations stay on top of the main developments in European digital compliance, Morrison Foerster’s European Digital Regulatory Compliance team reports on some of the main topical digital regulatory and compliance...more

BCLP

Cyber laws will be updated to boost UK’s resilience against online attacks

BCLP on

The UK government confirmed on 30 November 2022 that there will be changes to the UK’s cybersecurity regulations in response to a public consultation launched earlier this year. This follows recent updates relating to the...more

BakerHostetler

Former Uber Chief Security Officer Convicted of Federal Obstruction and Concealment Crimes in Connection with Extortionate Data...

BakerHostetler on

On October 5, 2022, a federal jury found Joseph Sullivan, Uber’s former chief security officer, guilty of obstruction of justice and misprision of a felony in connection with his role in responding to a 2016 data breach...more

Fox Rothschild LLP

DOD Memo Identifies Penalties for Noncompliance with DFARS Cyber Requirements

Fox Rothschild LLP on

While Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0) is still a work in progress, federal contractors should beware of the existing DFARS cybersecurity requirements. ...more

29 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide