News & Analysis as of

Cybersecurity Data Security Regulatory Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Husch Blackwell LLP

Effective Dates Draw Near for Insurance Industry to Comply with NYDFS's Cybersecurity Rules

Husch Blackwell LLP on

As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more

A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Jackson Lewis P.C.

Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals

Jackson Lewis P.C. on

In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more

Alston & Bird

2025 State Cybersecurity Legislation Focuses on Financial Services

Alston & Bird on

Eight years ago, on March 1, 2017, the New York Department of Financial Services enacted its landmark cybersecurity regulation covering financial services companies, 23 NYCRR Part 500, known as “Part 500.” Part 500 was the...more

Cozen O'Connor

Cybersecurity Best Practices for AI-Powered Robotics Under State and Federal Privacy Laws

Cozen O'Connor on

As robotics technology rapidly advances in connection with the use of artificial intelligence (AI), the collection, processing, and storage of personal information—including biometric data—will become increasingly common....more

Orrick, Herrington & Sutcliffe LLP

OCC provides an update on its security breach given institutional risk

On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more

Davis Wright Tremaine LLP

FedRAMP 20x Initiative Promises Major Changes for Federal Cloud Service Providers

Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more

Alston & Bird

Cybersecurity Controls: What Do Regulators Expect Nowadays?

Alston & Bird on

Our Privacy, Cyber & Data Strategy Team highlights the increasingly specific cybersecurity controls identified by regulators, explains why these enhanced cybersecurity controls have become the focus of regulators, and shares...more

Blake, Cassels & Graydon LLP

New Information Security Incident Framework for Quebec Financial Institutions

On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more

Ice Miller

As the Department of Justice Affirms and Advances Its Cyber-Fraud Initiative, Government Contractors Should Take Steps to Ensure...

Ice Miller on

While some areas of white-collar enforcement have been deprioritized by the Trump Administration, the Department of Justice (DOJ) remains committed to its Civil Cyber-Fraud Initiative as demonstrated by two recent False...more

Hinshaw & Culbertson - Privacy, Cyber & AI...

Are Your Cybersecurity Controls Ready for the New York State Department of Financial Services' Deadlines?

In November 2023, New York State's Department of Financial Services (NYDFS) amended its cybersecurity regulation, Part 500. This legal alert provides an update for Covered Entities and Class A Businesses on the current NYDFS...more

Sheppard Mullin Richter & Hampton LLP

Insurance Cybersecurity Certifications: An (Updated) State Roundup

Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more

Clark Hill PLC

Right To Know - April 2025, Vol. 28

Clark Hill PLC on

Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. ...more

Troutman Pepper Locke

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

Maynard Nexsen

NAIC Spring Meeting Update Part Two

Maynard Nexsen on

As discussed in last week’s article, along with almost 3,000 regulators and insurance industry leaders, the Maynard Nexsen Insurance Regulatory team of attorneys attended the National Association of Insurance Commissioners...more

Quarles & Brady LLP

New York Cybersecurity Regulation Requires Submission of Compliance Certification or Acknowledgement of Noncompliance Next Week

Quarles & Brady LLP on

On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more

Clark Hill PLC

The Learned Concierge - April 2025, Vol. 18

Clark Hill PLC on

Welcome to your monthly legal insights on the trends impacting the Retail, Hospitality, and Food & Beverage Industries. ...more

Goodwin

DOJ’s Data Export Rule Is In Force April 8: What You Need to Do

Goodwin on

On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more

Morgan Lewis

Data Center Operations: Aligning Supply Chain, Compliance, and Customer Expectations

Morgan Lewis on

The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more

Bennett Jones LLP

10 Key Questions to Guide Cyber Risk Management

Bennett Jones LLP on

Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more

Cozen O'Connor

FedRAMP Update – New Approach(es) to Authorization on the Way

Cozen O'Connor on

On Monday, March 24, 2025, the General Services Administration (GSA) launched FedRAMP 20x, as an effort to automate parts of the program and create collaboration with the industry to improve authorization process for cloud...more

Dacheng

China Monthly Data Protection Update: March 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more

A&O Shearman

Australia – new security standards for smart devices

A&O Shearman on

Established under the Cyber Security Act 2024 (the ‘Act’), the Cyber Security (security standards for smart devices) Rules 2025 (the ‘Rules’) set out the requirements for three security standards introduced to enhance the...more

A&O Shearman

Zooming in on AI #18: Cybersecurity requirements for AI systems

A&O Shearman on

The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more

A&O Shearman

Hong Kong passes its first Cybersecurity Law to safeguard critical infrastructure

A&O Shearman on

Hong Kong’s Legislative Council passed the Protection of Critical Infrastructures (Computer Systems) Bill (the “CI Bill”) on March 19, 2025. This landmark legislation aims to enhance cybersecurity and minimize disruptions...more

188 Results
 / 
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide