News & Analysis as of

Cybersecurity Incident Response Plans Regulatory Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Womble Bond Dickinson

The ICO’s Penalty Against 23andMe Brings New Emphasis on Cybersecurity Risks - Key Takeaways for U.S. Companies

Womble Bond Dickinson on

The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more

Jackson Lewis P.C.

HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations

Jackson Lewis P.C. on

Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more

Morgan Lewis

Key Cybersecurity, Privacy, and National Security Considerations for Data Centers in 2025

Morgan Lewis on

Unlike Europe’s comprehensive General Data Protection Regulation framework, the United States still lacks an all-encompassing data privacy statute. Instead, data centers operating in the United States must navigate a complex...more

Mitratech Holdings, Inc

The 2025 TPRM Study: Key Findings and Recommendations

Mitratech Holdings, Inc on

The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more

Alston & Bird

Data Breach Data Reviews: Challenges and What You Need to Know

Alston & Bird on

Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more

Paul Hastings LLP

Cybersecurity Enforcement in Action: Insights for Companies

Paul Hastings LLP on

Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Workshop featured three panels of experts...more

McCarter & English, LLP

Don’t Get Caught in Scattered Spider’s Web

McCarter & English, LLP on

The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more

Morgan Lewis - Tech & Sourcing

NIST Releases Updated Incident Response Guidance Under Its Cybersecurity Framework

Morgan Lewis - Tech & Sourcing on

During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more

HaystackID

[Webcast Transcript] Faster Finds, Fewer Files: A Smarter Approach to Email Investigations

HaystackID on

Editor’s Note: As digital threats become increasingly sophisticated and data volumes continue to surge, email remains a cornerstone of modern investigations. In this timely webcast, HaystackID® experts John Wilson and Rene...more

Jackson Lewis P.C.

Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals

Jackson Lewis P.C. on

In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more

Troutman Pepper Locke

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

Bennett Jones LLP

10 Key Questions to Guide Cyber Risk Management

Bennett Jones LLP on

Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more

Hogan Lovells

Fortifying the Future: Hong Kong’s new cybersecurity laws to protect critical infrastructure

Hogan Lovells on

On 19 March 2025, the Legislative Council (the “LegCo”) passed the Protection of Critical Infrastructure (Computer System) Bill (the “Bill”), which is due to come into effect on 1 January 2026. This is a significant step in...more

Bradley Arant Boult Cummings LLP

Top 10 takeaways from the new HIPAA security rule NPRM

Bradley Arant Boult Cummings LLP on

On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more

Woods Rogers

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

Jackson Lewis P.C.

FAQs for Schools and Persons Affected By the PowerSchool Data Breach

Jackson Lewis P.C. on

A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more

Ballard Spahr LLP

FHA issues revised cybersecurity requirements

Ballard Spahr LLP on

As previously reported in May 2024 FHA announced a requirement for FHA approved lenders to notify the U.S. Department of Housing and Urban Development (HUD) of Significant Cybersecurity Incidents, and the requirement was...more

Mayer Brown

New EU Cyber Rules (NIS2) Take Effect; Implementing Rules Adopted

Mayer Brown on

On 17 October 2024, the European Commission adopted the first Implementing Regulation under the Network and Information Security 2 Directive (EU) 2022/2555 (NIS2), focusing on digital infrastructures and services. The...more

Wiley Rein LLP

[Webinar] Best Practices in Cyber Preparedness - October 23rd, 12:00 pm - 1:00 pm EDT

Wiley Rein LLP on

We invite you to join us for an insightful webinar on Best Practices in Cyber Preparedness for Government Contractors and Critical Infrastructure Operators on Wednesday, October 23, 2024, from 12:00 p.m. – 1:00 p.m. EDT....more

Wyrick Robbins Yates & Ponton LLP

Maybe Not Practical After All: HUD Proposes Revised Cyber Incident Reporting Requirement for FHA-Approved Mortgagees

Wyrick Robbins Yates & Ponton LLP on

As we discussed in a recent post, earlier this year the U.S. Department of Housing and Urban Development (“HUD”) issued Mortgagee Letter 2024-10, which imposed a new requirement on all FHA-approved mortgagees to report...more

Foley Hoag LLP - Security, Privacy and the...

SEC Revamps and Enhances Data Protections with Amendments to Regulation S-P

Foley Hoag LLP - Security, Privacy and the... on

The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more

Troutman Pepper Locke

That’s a Wrap…or Not? Regulatory Data Incident Investigation Resolutions and the Path Forward

Troutman Pepper Locke on

As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more

Bass, Berry & Sims PLC

Cyber Incident Reporting May Be “Material” for Federal Contractors

Bass, Berry & Sims PLC on

Last month, the Federal Acquisition Regulatory Council proposed new cybersecurity and incident reporting regulations for federal contractors on behalf of the Department of Defense (DoD), the General Services Administration...more

Polsinelli

FTC Adopts Data Breach Notification Obligations for Non-Banking Financial Institutions

Polsinelli on

On October 27, 2023, the Federal Trade Commission (“FTC”) adopted an amendment to the FTC’s Safeguards Rule that will require non-banking financial institutions to notify the FTC within thirty days of discovering a data...more

Ankura

Navigating the Future: Trends Shaping Cyber Incident Response

Ankura on

In the last two decades, incident response has evolved significantly, adapting to the dynamic cyber threat landscape. As the internet became an integral part of daily life, cyber threats escalated in scope and scale. This...more

32 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide