News & Analysis as of

Cybersecurity Data Security Regulatory Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Woods Rogers

New Cybersecurity Executive Order Revises Specific Federal Policies While Retaining Core Security Principles

Woods Rogers on

On June 6, 2025, the Trump Administration issued a new Executive Order, Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144 (the EO) that contains...more

Sheppard Mullin Richter & Hampton LLP

North Dakota Passes New Data Security Law for “Financial Corporations”

Sheppard Mullin Richter & Hampton LLP on

North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more

Reveal

How to Navigate FedRAMP Compliance for eDiscovery in Federal Agencies

Reveal on

96% of companies currently use the public cloud, but Gartner predicts that there's more to that reliance than a convenient source of digital storage. Their leading experts believe that the cloud will be a business necessity...more

American Conference Institute (ACI)

[Webinar] Operationalizing AI: Governance, Culture, Bias, Privacy, Data and Cyber Security Considerations - June 24th, 1:00 pm -...

American Conference Institute (ACI) on

This complimentary webinar will delve into the real-life aspects of implementation – with a focus on organizational preparedness and proactive strategic foresight. Join us as we discuss how to design and roll out a...more

Thomas Fox - Compliance Evangelist

Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder

Thomas Fox - Compliance Evangelist on

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance as he visits with top innovative minds, thinkers and creators in the...more

Morgan Lewis - Tech & Sourcing

NIST Releases Updated Incident Response Guidance Under Its Cybersecurity Framework

Morgan Lewis - Tech & Sourcing on

During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more

King & Spalding

New Security Measures for Large Databases: When a DPA’s Directives Set Standards

King & Spalding on

In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more

PilieroMazza PLLC

Cybersecurity Compliance in the Crosshairs: Raytheon’s $8.4 Million FCA Settlement and What It Means for Defense Contractors

PilieroMazza PLLC on

Government contractors regularly handle sensitive federal data, and cybersecurity compliance is no longer optional—it’s mandatory. A recent settlement between the Department of Justice (DOJ) and defense contractor Raytheon...more

Venable LLP

A Closer Look at the Data Security Requirements in DOJ's Bulk Data Rule

Venable LLP on

As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more

Alston & Bird

European Vulnerability Database Published by the European Union Agency for Cybersecurity

Alston & Bird on

The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a tool designed to enhance digital security across the EU. The EUVD is available here....more

Dacheng

China Monthly Data Protection Update: May 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more

BakerHostetler

Data Governance: Practical Considerations for a Reasonable Security Program

BakerHostetler on

Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more

Robinson+Cole Data Privacy + Security Insider

FTC Order with GoDaddy Finalized Over Lax Data Security

Robinson+Cole Data Privacy + Security Insider on

On May 21, 2025, the Federal Trade Commission (FTC) finalized its order with GoDaddy over allegations that GoDaddy “failed to implement standard data security tools and practices to protect customers’ websites and data.” In a...more

Blake, Cassels & Graydon LLP

Nouveau cadre relatif aux incidents de sécurité de l’information à l’intention des institutions financières québécoises

Blake, Cassels & Graydon LLP on

Le 23 avril 2025, le Règlement sur la gestion et le signalement des incidents de sécurité de l’information de certaines institutions financières et des agents d’évaluation du crédit (le « Règlement ») est entré en vigueur au...more

Hogan Lovells

EURid celebrates its 19th anniversary

Hogan Lovells on

EURid, the Registry responsible for running the .EU Top Level Domain (TLD), recently posted a publication to celebrate its 19th anniversary and highlight its achievements. EURid was incorporated under Belgian law in April...more

Goodwin

The Rise of Agentic AI: From Conversation to Action

Goodwin on

The artificial intelligence (AI) landscape is evolving at a dizzying pace. Just as organizations were adapting to generative AI and its capabilities for creating content, a new paradigm has emerged. ...more

Orrick, Herrington & Sutcliffe LLP

OIG makes seven recommendations for CFPB following major incident

Orrick, Herrington & Sutcliffe LLP on

On May 5, the OIG for the Fed authored a report with several recommendations for the CFPB following a major security incident regarding confidential supervisory information (CSI). The OIG issued four findings with seven...more

Alston & Bird

UK Publishes Software Security Code

Alston & Bird on

Cyber security supply chain risks are growing, and attacks on vendors and other third parties cause severe disruption to businesses. For example, in recent years we have seen many incidents that have involved threat actors...more

Eversheds Sutherland (US) LLP

Preparing for Regulation S-P and takeaways from the SEC’s session at the Incident Response Forum Masterclass 2025

Eversheds Sutherland (US) LLP on

On April 22, 2025, Laura D’Allaird, Chief of the SEC’s Cyber and Emerging Technologies Unit (CETU), participated in the Incident Response Forum Masterclass 2025 (Incident Response Masterclass). In the session, titled “SEC...more

Hogan Lovells

NYDFS: Penultimate set of cybersecurity requirements under amended Part 500 take effect May 1, 2025

Hogan Lovells on

On May 1, 2025, additional cybersecurity requirements introduced by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) took...more

Alston & Bird

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect

Alston & Bird on

On May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take...more

Husch Blackwell LLP

Effective Dates Draw Near for Insurance Industry to Comply with NYDFS's Cybersecurity Rules

Husch Blackwell LLP on

As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more

A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Jackson Lewis P.C.

Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals

Jackson Lewis P.C. on

In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more

Alston & Bird

2025 State Cybersecurity Legislation Focuses on Financial Services

Alston & Bird on

Eight years ago, on March 1, 2017, the New York Department of Financial Services enacted its landmark cybersecurity regulation covering financial services companies, 23 NYCRR Part 500, known as “Part 500.” Part 500 was the...more

210 Results
 / 
View per page
Page: of 9
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide