News & Analysis as of

Cybersecurity Cyber Attacks Reporting Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Morgan Lewis - Tech & Sourcing

Navigating Evolving Cyber Regulations in the United States

Morgan Lewis - Tech & Sourcing on

Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal...more

Paul Hastings LLP

NYDFS Urges Covered Entities to Review Security Practices Amidst World Turmoil

Paul Hastings LLP on

Citing “escalating global conflict,” the New York Department of Financial Services issued an alert on Monday, June 22, 2025, to its regulated covered entities, urging them to be vigilant against potential security threats,...more

Clark Hill PLC

Right To Know - June 2025, Vol. 30

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more

Hogan Lovells

Australia mandates first-of-its-kind reporting of ransomware payments

Hogan Lovells on

Australia has implemented a first-of-its kind requirement for eligible businesses to report ransomware payments. From 30 May 2025, eligible businesses that make a payment in response to a cyber security incident, or become...more

BakerHostetler

Australia’s New Ransomware Payment Reporting Law Takes Effect, Covering Both Critical Infrastructure and Other Entities

BakerHostetler on

On May 30, the ransomware payment reporting requirements of Australia’s Cyber Security Act 2024 (CSA) took effect. The new requirement applies to a broad range of entities and cyber security incidents, requiring reporting...more

Orrick, Herrington & Sutcliffe LLP

OCC announces major information security incident

Orrick, Herrington & Sutcliffe LLP on

On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more

Troutman Pepper Locke

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

DLA Piper

UK: Consultation on Ransomware payments

DLA Piper on

On 14 January 2025, the UK Home Office published a consultation paper focusing on legislative proposals to reduce payments to cyber criminals and increasing incident reporting. ...more

Integreon

Post-Breach Data Review: 5 Reasons Why You Should Not Go at It Alone

Integreon on

After a data breach, organizations need to understand the scope of the incident in order to quickly resolve it and ensure they are able to meet notification requirements. The urgency often leads to the misguided belief that...more

Troutman Pepper Locke

6 Considerations to Determine if a Cyber Incident Is Material

Troutman Pepper Locke on

In late June, the staff of the U.S. Securities and Exchange Commission’s Division of Corporation Finance released five new compliance and disclosure interpretations regarding the disclosure of material cybersecurity incidents...more

White & Case LLP

SEC Enforcement Heats up on Key Public Company Topics: Cyber Disclosure, Director Independence and Regulation FD

White & Case LLP on

The U.S. Securities and Exchange Commission's ("SEC") Division of Enforcement has recently brought a spate of enforcement actions relating to key topics for public companies. These include enforcement actions related to...more

HaystackID

[Webcast Transcript] Anatomy of a Business Email Compromise

HaystackID on

Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more

Society of Corporate Compliance and Ethics...

The SEC’s cybersecurity and disclosure rules: The questions compliance pros still have

Society of Corporate Compliance and Ethics... on

The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more

Health Care Compliance Association (HCCA)

Privacy Briefs: September 2024

Health Care Compliance Association (HCCA) on

The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more

DLA Piper

Australia: Anti-Scam Measures and Ransomware Reporting on the Agenda

DLA Piper on

Cyber regulation is changing in Australia. As governments globally grapple with the everchanging and increasingly challenging cyber landscape, Australia is poised to implement new laws and update existing regulation in order...more

Troutman Pepper Locke

SEC Cybersecurity Incidents Disclosures: Materiality, Decryptors, and Ransom Payments - Dear Mary – Incidents + Investigations...

Troutman Pepper Locke on

I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more

J.S. Held

Benefits of a vCISO in the Age of AI-Driven Cyberattacks

J.S. Held on

Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more

Steptoe & Johnson PLLC

New York Federal Court Refuses to Extend Accounting Controls Requirements to Cybersecurity Controls

Steptoe & Johnson PLLC on

Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more

Skadden, Arps, Slate, Meagher & Flom LLP

Takeaways From the Dismissal of SEC Claims Against SolarWinds and Its CISO

Skadden, Arps, Slate, Meagher & Flom LLP on

The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more

Bradley Arant Boult Cummings LLP

Balancing Act: Industry Concerns Over CISA’s Proposed Cyber Incident Reporting Rule

Bradley Arant Boult Cummings LLP on

As discussed in our previous blog post, the Cybersecurity and Infrastructure Security Agency (CISA) is proposing a significant new rule to bolster the nation’s cyber defenses through mandatory incident reporting. While...more

Alston & Bird

SEC Corporation Finance Provides Additional Guidance on the Disclosure of Material Cybersecurity Incidents in Form 8-K

Alston & Bird on

On June 24, 2024, the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued five new Compliance and Disclosure Interpretations (“C&DIs”) related to the disclosure of “material”...more

Cooley LLP

SEC charges RR Donnelley with control failures related to cybersecurity incident

Cooley LLP on

In this June Order, SEC Enforcement brought settled charges against R.R. Donnelley & Sons, a “global provider of business communications services and marketing solutions,” for control failures: more specifically, a failure to...more

Fenwick & West LLP

SEC Releases New 8-K CDIs for Item 1.05 - Cybersecurity Incidents

Fenwick & West LLP on

On June 24, 2024, the SEC released five new CDIs on Material Cybersecurity Incidents. Please see a high-level summary below...more

Mayer Brown Free Writings + Perspectives

SEC Announces New Cybersecurity Interpretations

Mayer Brown Free Writings + Perspectives on

The SEC’s Division of Corporation Finance yesterday published five new Compliance and Disclosure Interpretations, or “C&DIs,” all concerning Item 1.05 of Exchange Act Form 8-K, Disclosure of Cybersecurity Incidents....more

Wyrick Robbins Yates & Ponton LLP

Living in a Material World: SEC Clarifies Expectations Regarding Form 8-K Disclosure of Material Cybersecurity Incidents

Wyrick Robbins Yates & Ponton LLP on

Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more

134 Results
 / 
View per page
Page: of 6
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide