News & Analysis as of

Cybersecurity Compliance Regulatory Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Baker Botts L.L.P.

EU Releases General-Purpose AI Code of Practice

Baker Botts L.L.P. on

On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more

Skadden, Arps, Slate, Meagher & Flom LLP

The EU’s New Cybersecurity Law for the Space Sector

Skadden, Arps, Slate, Meagher & Flom LLP on

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

Morrison & Foerster LLP

NIS 2: Strengthening Europe’s Cyber Defenses

Morrison & Foerster LLP on

European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more

Davis Wright Tremaine LLP

FERC Moves To Bolster Cybersecurity

Davis Wright Tremaine LLP on

On June 26, FERC approved a new reliability standard (CIP-015-1) proposed by the North American Electric Reliability Corporation ("NERC") to enhance cybersecurity of the nation's bulk electric system ("BES"). In a related...more

King & Spalding

Cyber Resilience Is Key: The Never-Ending Delays of NIS2 Implementation

King & Spalding on

The European Union’s ("EU") NIS2 Directive (Directive (EU) 2022/2555) capitalizes on the success of its predecessor, NIS, the first horizontal minimum harmonization cyber security and resilience frameworks at the EU level....more

A&O Shearman

EU Delegated Regulation on threat-led penetration testing published in OJ

A&O Shearman on

Commission Delegated Regulation (EU) 2025/1190 of 13 February has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to...more

Mitratech Holdings, Inc

The 2025 TPRM Study: Key Findings and Recommendations

Mitratech Holdings, Inc on

The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more

Thomas Fox - Compliance Evangelist

#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.

Thomas Fox - Compliance Evangelist on

Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more

American Conference Institute (ACI)

[Webinar] Operationalizing AI: Governance, Culture, Bias, Privacy, Data and Cyber Security Considerations - June 24th, 1:00 pm -...

American Conference Institute (ACI) on

This complimentary webinar will delve into the real-life aspects of implementation – with a focus on organizational preparedness and proactive strategic foresight. Join us as we discuss how to design and roll out a...more

Thomas Fox - Compliance Evangelist

Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder

Thomas Fox - Compliance Evangelist on

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance as he visits with top innovative minds, thinkers and creators in the...more

Epstein Becker & Green

Hot Topics in Employee Benefits: A Primer for In-House Lawyers

Epstein Becker & Green on

“ERISA, you’ll need a lawyer for that.” Our practice group’s tagline is meant to be a shorthand for the alphabet soup of laws that apply to employee benefits, including the Employee Retirement Income Security Act (ERISA)....more

Jackson Lewis P.C.

New DOL/EBSA Opinion Letter Program Offers A Path to Clarity for Plan Sponsors

Jackson Lewis P.C. on

On June 2, 2025, the U.S. Department of Labor (DOL) announced a significant expansion of its compliance assistance tools by launching an Opinion Letter Program across five key enforcement agencies, including the Employee...more

Venable LLP

A Closer Look at the Data Security Requirements in DOJ's Bulk Data Rule

Venable LLP on

As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more

Foley & Lardner LLP

Another FCA Cybersecurity Settlement Reinforces the Enforcement Trend

Foley & Lardner LLP on

A recent United States Department of Justice (DOJ) announcement highlights the fact that the government’s emphasis on cybersecurity enforcement under the False Claims Act (FCA) is not slowing down. According to the press...more

BakerHostetler

Data Governance: Practical Considerations for a Reasonable Security Program

BakerHostetler on

Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more

Mitratech Holdings, Inc

EU Cyber Resilience Act: How to Prepare Now

Mitratech Holdings, Inc on

The EU Cyber Resilience Act (CRA), adopted by the European Parliament in 2024, marks a major milestone in European cybersecurity legislation. As the first EU-wide law focused on the cybersecurity of digital products, it...more

Ropes & Gray LLP

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Ropes & Gray LLP on

The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more

A&O Shearman

Operational resilience in banking: from regulatory compliance to strategic priority

A&O Shearman on

As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more

McCarter & English Blog: Government Contracts...

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Bradley Arant Boult Cummings LLP

Key Legal Issues Facing U.S. Government Contractors in 2025

Bradley Arant Boult Cummings LLP on

As the regulatory environment continues to evolve in the new administration, U.S. government contractors are facing an increasingly complex array of legal challenges. Staying compliant and competitive requires close attention...more

Sheppard Mullin Richter & Hampton LLP

Insurance Cybersecurity Certifications: An (Updated) State Roundup

Sheppard Mullin Richter & Hampton LLP on

Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more

Health Care Compliance Association (HCCA)

OCR Loses Staff, Faces Move to New ‘Enforcement’ Office; Will HIPAA Focus, Independence Suffer?

Health Care Compliance Association (HCCA) on

Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more

Alston & Bird

UK Government Publishes Cyber Governance Code of Practice for Boards and Directors

Alston & Bird on

On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Sheppard Mullin Richter & Hampton LLP

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

Sheppard Mullin Richter & Hampton LLP on

On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more

152 Results
 / 
View per page
Page: of 7
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide