The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
SEC’s New Cyber Rules for Publicly Traded Companies — The Consumer Finance Podcast
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Episode 293 -- Catching Up with California and Other State Privacy Laws
How to Fix the Cyber Incident Reporting Mess--DHS Weighs In
Regulatory Phishing Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
The Justice Insiders Podcast: Incidents in the Material World: SEC Adopts New Cybersecurity Rules
Episode 288 -- SEC Adopts Robust New Cybersecurity Disclosure Rules
2023 DSIR Report Deeper Dive into the Data
Cybersecurity Threats Facing Food and Agribusiness Companies & the Preparation and Protection Safeguards to Help Mitigate Them
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
2022 DSIR Report Deeper Dive: FTC
2022 DSIR Deeper Dive: Vendor Incidents
Unauthorized Access: An Inside Look at Incident Response
The State of Cyber: Breaking Down Recent Rules and Regulations
Mandatory Cyber Incident Reporting: Pros, Cons, and Next Steps
Cyberside Chats: Preserving Legal Privilege After a Cybersecurity Incident
Debra Geroux and Scott Wrobel on Responding to Data Breaches
Cyber incidents such as the 2024 event involving Change Healthcare, which compromised the personal information of over 100 million people, highlight the evolving nature of cyber threats – increasingly becoming risk management...more
Lawmakers expressed bipartisan support for significantly amending or eliminating some cybersecurity incident notification requirements during a recent hearing of the U.S. House Committee on Homeland Security's Subcommittee on...more
In July 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring public companies to report material cybersecurity incidents under new Item 1.05 of Form 8-K beginning on December 18, 2023. Our...more
On January 13, 2025, the Securities and Exchange Commission (“SEC”) filed a settled enforcement action against Ashford Inc. (“Ashford” or “the Company”), a company that provides products and services to the real estate and...more
Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more
Joseph Sullivan, Uber’s beleaguered former Chief Information Security Officer, was back in the news last month when he appealed his 2023 conviction for his role in concealing a 2016 breach of Uber’s network and customer data....more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
On October 22, 2024, the SEC charged two current reporting companies, Unisys Corp. and Check Point Software Technologies, and two former public companies, Mimecast Limited and Avaya Holdings Corp., with making materially...more
By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
On May 16, the Securities and Exchange Commission (SEC) unanimously approved amendments to Regulation S-P, which imposes new rules relating to cybersecurity breaches involving investment advisers and brokers. Larger entities...more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
Who may be interested: Investment Companies; Investment Advisers; Broker-Dealers; Transfer Agents - The SEC adopted amendments to Regulation S-P imposing new data privacy and security requirements on broker-dealers,...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
Last week, the U.S. Securities and Exchange Commission (“SEC”) became the latest federal regulator to implement a data breach notification law. The commissioners unanimously voted to approve amendments to Regulation S-P (the...more
On May 16, 2024, the Securities and Exchange Commission (SEC) announced the adoption of amendments to Regulation S-P (Reg S-P), which broadly track the changes originally proposed in March 2023. The revised Reg S-P requires...more
New regulations continue to push boards in the direction of active engagement in their cyber oversight role, including breach response. But, how can boards strike the right balance in their oversight role during a significant...more
At this point, it is self-evident that companies are grappling with an ever-evolving (think: tougher) cyber risk terrain. However, two recent cases against companies and their Chief Information Security Officers (CISOs),...more
Are you prepared for the new SEC Rule on Cybersecurity Incident and Risk Management Disclosures? Don't let your business get caught off guard! This webinar will cover important points about the rule and how to effectively...more
From large-scale hacks to new rules governing cyber practices, the cyber landscape continues to become more complex. The risk for breaches is higher than ever before. The numbers support this declaration. According to the...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
Securities and Exchange Commission (SEC) rules regarding cyber incident reporting and cybersecurity risk management, strategy, and governance, officially went into effect this week for most public companies....more
The requirement to disclose material cybersecurity events under new Item 1.05 of Form 8-K takes effect today (other than for smaller reporting companies, for which the new requirement will take effect on June 15, 2024)....more
On December 12, 2023, the Department of Justice (DOJ) issued guidelines for companies to follow in requesting that the Attorney General authorize delays of cyber incident disclosures required by the U.S. Securities and...more
The Black Cat/ALPHV ransomware group filed a complaint with the U.S. Securities and Exchange Commission (SEC) to allege that one of their victims failed to disclose a cyberattack to the SEC within four days, reports Bleeping...more