The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
SEC’s New Cyber Rules for Publicly Traded Companies — The Consumer Finance Podcast
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Episode 293 -- Catching Up with California and Other State Privacy Laws
How to Fix the Cyber Incident Reporting Mess--DHS Weighs In
Regulatory Phishing Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
The Justice Insiders Podcast: Incidents in the Material World: SEC Adopts New Cybersecurity Rules
Episode 288 -- SEC Adopts Robust New Cybersecurity Disclosure Rules
2023 DSIR Report Deeper Dive into the Data
Cybersecurity Threats Facing Food and Agribusiness Companies & the Preparation and Protection Safeguards to Help Mitigate Them
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
2022 DSIR Report Deeper Dive: FTC
2022 DSIR Deeper Dive: Vendor Incidents
Unauthorized Access: An Inside Look at Incident Response
The State of Cyber: Breaking Down Recent Rules and Regulations
Mandatory Cyber Incident Reporting: Pros, Cons, and Next Steps
Cyberside Chats: Preserving Legal Privilege After a Cybersecurity Incident
Debra Geroux and Scott Wrobel on Responding to Data Breaches
On March 31, 2025, members of the U.S. House of Representatives Committee on Financial Services sent a letter to Mark Uyeda, Acting Chairman of the U.S. Securities and Exchange Commission. Seeking to “undo the damage from...more
On May 16, 2024, the SEC breathed new life into its decades-old Regulation S-P, which requires firms to adopt policies and procedures for the protection of customer information and records. The amended rule balloons the...more
On July 25, 2023, the US Securities and Exchange Commission (the SEC), by a 3-2 vote, adopted final rules regarding cybersecurity risk management, strategy, governance and incident reporting by public companies (the Final...more
At an Open Meeting on July 26, 2023, the US Securities and Exchange Commission (SEC) adopted final rules and amendments that impose new cybersecurity-related disclosure requirements for public companies subject to the...more
In yet another indication of the increasing weight being given by government officials to cybersecurity, on July 26, 2023, the Securities and Exchange Commission adopted new rules requiring public companies to disclose...more
On July 26, 2023, the Securities and Exchange Commission (SEC) adopted rules requiring disclosure of material cybersecurity incidents as well as periodic disclosure of cybersecurity risk, management, strategy, and governance...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) voted 3-2 to adopt final rules that are intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and...more
The SEC today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy...more
According to its Spring 2023 rulemaking agenda, the U.S. Securities and Exchange Commission (SEC) has delayed issuance of two sets of cybersecurity requirements that previously were expected to be finalized in April 2023. The...more
The SEC continues its overhaul of cybersecurity, cyber incident reporting, and privacy controls and requirements for industry registrants, their services providers, and corporate America generally. On March 15, 2023, the SEC...more
On March 15, 2023, the U.S. Securities and Exchange Commission (SEC) voted to propose three measures to protect customer information and hold covered institutions accountable for cyberattacks....more
Government agencies at the state and federal levels are increasingly training their sights on the cybersecurity resiliency of companies in an array of industries. The US Securities and Exchange Commission has proposed rules...more
It’s rainy season for proposed SEC cybersecurity rules. The first watershed was proposed regulations targeting investment companies’ and advisers’ cybersecurity preparedness. See “SEC Plants New Cybersecurity Regulations;...more
On March 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed amendments to its rules to require additional disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by...more
On March 9, 2022, the Securities and Exchange Commission (“SEC”) announced Proposed Rules on cybersecurity risk management, strategy, governance, and incident disclosure (“Proposed Rules”) to address concerns of increasing...more
As cybersecurity threats to the private and public sectors increase, the government has continued its efforts to enhance cybersecurity outside of government-controlled systems. On March 9, 2022, the U.S. Securities and...more
Introduction - On March 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed mandates for cybersecurity disclosures by public companies. If adopted, these mandates seek to provide investors a deeper look...more
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Act”) as part of an omnibus appropriations bill. The Act compels “covered entities” — companies in...more
On March 9, 2022, the Securities and Exchange Commission (“SEC”) proposed amendments to its rules to enhance and standardize cybersecurity disclosures. The proposed amendments would require: (1) disclosure of cybersecurity...more
Corporate risk and compliance officers already labor under an influx of concerns related to cybersecurity, so you might have missed this latest news: the U.S. Securities and Exchange Commission has proposed new rules for more...more
In the wake of Russia’s invasion of Ukraine, and amid growing concerns regarding the threat of increased cyberattacks targeting infrastructure and other critical industries, there has been a flurry of federal activity to...more
On March 9, the U.S. Securities and Exchange Commission (SEC) announced proposed amendments to its rules regarding cybersecurity disclosures to satisfy a growing investor need to know more about how registrants are managing...more
On March 9, 2022, the SEC proposed new rules (“Proposed Rules”) that would expand cybersecurity disclosures applicable to public companies subject to the reporting requirements of the Securities Exchange Act of 1934...more
The Securities and Exchange Commission (“SEC”) has proposed rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and cybersecurity incident reporting by public companies...more
Following closely on its proposal for substantial new cybersecurity requirements for investment advisers and registered investment companies, the Securities and Exchange Commission (SEC) unveiled a new slate of proposed...more