DHS and Cyber: What Should Companies Expect?
In light of recent reports of cyberattacks on telecommunications companies, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a series of reports and statements recommending secure communications,...more
While the balance of security, privacy, and public safety has always been a concern, recent cyberattacks have highlighted conflicting guidance by United States government officials, creating potential pitfalls for businesses....more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Continued cyberthreats drove expanded data security and breach notification requirements in 2024. Although sectors deemed high-risk saw significant activity, we also saw proposed regulations that stand to have a...more
Throughout 2024, financial sector regulators sharpened their focus on data protection and cybersecurity issues impacting financial institutions and the public. Key federal agencies like the Securities and Exchange Commission...more
Publications & Advisories - November 2024 – Kathleen Benway, Jennifer Everett, Alysa Austin, and Kristen Bartolotta published “Federal Trade Commission’s Updated Health Breach Notification Rule Is Now in Effect” in Employee...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
Welcome to Saul Ewing’s Public Companies Quarterly Update series. Our intent is to, on a quarterly basis, highlight important legal developments of which we think public companies should be aware. This edition is related to...more
The US Securities and Exchange Commission has adopted amendments to Regulation S-P requiring entities under its remit to provide notice to individuals affected by certain types of data breaches. This adds yet another...more
We are pleased to announce that several of the firm’s practice groups and attorneys were recognized in the 2024 edition of Chambers USA, a directory of leading law firms and attorneys. Chambers and Partners annually...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
Using AI to Build Cyber Resilience for Critical Infrastructure - "Cyber resilience serves as a literal survival strategy, offering a framework to detect threats, understand attacks, recover swiftly, and adapt to...more
The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more
On July 26 2023, the Securities and Exchange Commission (SEC) adopted final rules intended to enhance and standardize disclosures of cybersecurity risk management, strategy, governance, and incident reporting by public...more
On 18 December 2023, the new rules of the US Securities and Exchange Commission (SEC) regarding disclosure of material cybersecurity incidents under Item 1.05 of Form 8-K went into effect, requiring companies to report a...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
The cyber reporting landscape is rapidly shifting. Many agencies are developing rules, and a major player has been the U.S. Securities and Exchange Commission (SEC), with important questions arising about implementation of...more
Large companies holding sensitive data – including financial services, telecommunications, business process outsourcing, hospitality, and cryptocurrency firms – as well as their IT helpdesks, are increasingly being targeted...more
Cross Border Transfers of Data. UK Data Transfers. The UK government has published a U.S. “adequacy decision” which permits U.S. organizations that have certified to the EU-US Data Privacy Framework (DPF) and UK Extension...more
On July 26, 2023, the Securities and Exchange Commission adopted new rules imposing disclosure requirements regarding cybersecurity risk management, strategy, governance and incidents. The new rules, which became effective...more
For years, federal cyber policy has been based on successful public-private partnerships, collaboration, and the promotion of voluntary standards that can be tailored to sector and organization-specific risk and needs....more