News & Analysis as of

Cybersecurity Data Privacy Financial Institutions

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Eversheds Sutherland (US) LLP

Preparing for Regulation S-P and takeaways from the SEC’s session at the Incident Response Forum Masterclass 2025

Eversheds Sutherland (US) LLP on

On April 22, 2025, Laura D’Allaird, Chief of the SEC’s Cyber and Emerging Technologies Unit (CETU), participated in the Incident Response Forum Masterclass 2025 (Incident Response Masterclass). In the session, titled “SEC...more

Blake, Cassels & Graydon LLP

New Information Security Incident Framework for Quebec Financial Institutions

Blake, Cassels & Graydon LLP on

On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more

Skadden, Arps, Slate, Meagher & Flom LLP

Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs

Skadden, Arps, Slate, Meagher & Flom LLP on

As companies shift their thinking from “if” a cyberattack will happen to “when” an attack hits, the key differentiator in how a company emerges from an attack is often dictated by preparation and strategic planning in order...more

Quarles & Brady LLP

Warning! ChatGPT Exploit Used by Threat Actors in Cyber Attacks

Quarles & Brady LLP on

Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more

Husch Blackwell LLP

Deadline Ahead: NYDFS Compliance Notifications are due by April 15

Husch Blackwell LLP on

Businesses that are subject to the NYDFS Cybersecurity Regulations have four weeks left to submit their annual notices of compliance or acknowledge their noncompliance. When the regulations were amended in 2023, several of...more

Jones Day

Australia Passes Landmark Scam Prevention Legislation

Jones Day on

On 13 February 2025, the Australian Federal Parliament passed the Scams Prevention Bill 2025 (Cth) ("Bill"), the first of its kind worldwide....more

Kramer Levin Naftalis & Frankel LLP

NYDFS Updates Regulated Firms on Upcoming Cyber Requirements

Kramer Levin Naftalis & Frankel LLP on

Financial firms doing business in New York should be mindful of a recent e-blast sent by the state’s financial regulator concerning cybersecurity requirements that become effective in less than two months. The New York...more

Husch Blackwell LLP

New York Amends its Data Breach Notification Law

Husch Blackwell LLP on

Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more

Orrick, Herrington & Sutcliffe LLP

CFPB’s union raises concerns over security and alleged misuse of sensitive information

Orrick, Herrington & Sutcliffe LLP on

On February 7, the union representing CFPB employees published a notice expressing concerns regarding the recent addition of certain DOGE employees to the CFPB’s email directory and their presence in offices. ...more

Orrick, Herrington & Sutcliffe LLP

California DFPI mandates cybersecurity overhaul in credit union consent order

Orrick, Herrington & Sutcliffe LLP on

On February 4, the California DFPI announced a consent order issued against a credit union (respondent) following a significant cybersecurity breach. This breach, a ransomware attack, allegedly led to the shutdown of various...more

Barnea Jaffa Lande & Co.

Legislative updates for regulated financial service-providers – inception of the Financial Information Service Law

Barnea Jaffa Lande & Co. on

Financial Information Service Order – Postponement Order Due to requests from licensed credit providers and licensed operators of credit brokerage system, who are deemed as information sources pursuant to the Financial...more

Tonkon Torp LLP

What the SEC Amendments to Regulation S-P Mean for Your Business

Tonkon Torp LLP on

On May 16, 2024, the SEC adopted amendments to Regulation S-P requiring broker-dealers, registered investment companies, registered investment advisers, funding portals, and transfer agents (collectively, “covered...more

Carlton Fields

Plotting a Course for Your 2025 Data Security Plan

Carlton Fields on

Trying to plot the course for a data security plan in 2025 requires piecing together the maps of various cartographers and decoding each map’s legends and keys....more

BCLP

Cybersecurity Risks for Financial Services Firms: Proactive Strategies to Stay Ahead

BCLP on

The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more

Morgan Lewis - Tech & Sourcing

DORA European Commission Clarifies Scope of ICT Services

Morgan Lewis - Tech & Sourcing on

European regulators recently published clarifications on the scope of ICT services under the EU Digital Operational Resilience Act (DORA), prepared by the European Commission, which confirms previous guidance and enables...more

Ward and Smith, P.A.

Data Privacy Insights Part 1: North Carolina Ranks High in Cybercrime Complaints

Ward and Smith, P.A. on

The FBI's Internet Crime Complaint Center (IC3) report sheds light on the growing threat of cybercrime, both nationally and within North Carolina. The state ranks among the top 15 in the U.S. for cybercrime complaints,...more

McDermott Will & Emery

Data Privacy and Cybersecurity in 2025: PCI DSS 4.0

McDermott Will & Emery on

Following our recent client alert, learn more about PCI DSS 4.0 coming into effect and its impact on organizations in 2025. Mark Schreiber, Brian Long, and Sam Genovese share further insights from working with clients on...more

Mayer Brown

Applying the Enterprise Risk Mindset to AI

Mayer Brown on

Artificial intelligence (AI) and other emerging technologies have the potential to revolutionize the financial industry. At the same time, its use introduces new risks that need to be anticipated and addressed. This paper...more

Morrison & Foerster LLP

SEC Caps 2024 with Another Cyber Enforcement Action

Morrison & Foerster LLP on

The SEC continues to leave its mark as a federal cybersecurity enforcer and closed out the year by charging another company with making misleading statements about a cybersecurity attack and failing to maintain cyber-related...more

WilmerHale

Why Depository Institutions, with or Without Affiliated Securities Firms, can and should Manage Employee Use of Personal Devices...

WilmerHale on

The purpose of this paper is to show how the failure to monitor for and prevent off-channel communications poses risk to traditional depository institutions that are not subject to the jurisdiction of securities-law...more

Katten Muchin Rosenman LLP

DORA Takes Effect: Key Next Steps for Firms

Katten Muchin Rosenman LLP on

After a two-year implementation period, the EU Digital Operational Resilience Act (DORA) takes effect on 17 January 2025. DORA is part of the EU’s Digital Finance Package and aims to strengthen the financial sector’s...more

Wilson Sonsini Goodrich & Rosati

DORA: New EU Cybersecurity Requirements for the Financial Sector Enter into Force

Wilson Sonsini Goodrich & Rosati on

Starting January 17, 2025, the Digital Operational Resilience Act (DORA) will require financial entities and their critical information and communication technology (ICT) service providers to comply with enhanced...more

Jones Day

Understanding DORA: Digital Operational Resilience Act Now in Effect for Financial Entities and ICT Service Providers

Jones Day on

DORA, the first EU regulation designed to establish a unified and robust digital resilience standard for the financial sector, becomes directly applicable on January 17, 2025, introducing significant penalties and...more

A&O Shearman

Business email compromise and invoice fraud – a duty of care on the innocent?

A&O Shearman on

The Western Australian District Court’s recent decision in Mobius Group Pty Ltd v Inoteq Pty Ltd1 highlights the potential consequence for the innocent party where fraudulent changes in bank details are sent from their...more

Skadden, Arps, Slate, Meagher & Flom LLP

CFPB Releases Final ‘Open Banking’ Rule on Personal Financial Data Rights

Skadden, Arps, Slate, Meagher & Flom LLP on

On October 22, 2024, the Consumer Financial Protection Bureau (CFPB) issued a final rule (Rule) on personal financial data rights under Section 1033 of the Dodd-Frank Act. The Rule imposes significant new obligations on...more

114 Results
 / 
View per page
Page: of 5
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide