News & Analysis as of May 6, 2025

Cyber Incident Reporting

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

UK Government Proposes Targeted Ban on Ransom Payments and Increased Ransomware Incident Reporting

Alston & Bird on 2/6/2025

On January 14, 2025, the United Kingdom government published a consultation on ransomware proposing new measures to increase incident reporting and reduce ransom payments (the “Consultation”). The Consultation outlines three...more

FAR Council Unveils Long-Anticipated Rule for Controlled Unclassified Information

Wiley Rein LLP on 1/29/2025

WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more

Ransomware Attacks: UK Government Proposes Ransom Payment Ban and Mandatory Notification Requirements

Wilson Sonsini Goodrich & Rosati on 1/27/2025

On January 14, 2025, the UK government unveiled a proposed framework aimed at combating the rise of ransomware attacks by implementing a payment prevention and reporting regime. This would require companies to not only report...more

UK: Consultation on Ransomware payments

DLA Piper on 1/24/2025

On 14 January 2025, the UK Home Office published a consultation paper focusing on legislative proposals to reduce payments to cyber criminals and increasing incident reporting. ...more

Trends in US Cybersecurity Regulation

Mayer Brown on 11/4/2024

As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more

US DoD Issues Class Deviation Delaying DFARS Implementation of Upcoming NIST SP 800-171, Revision 3

Mayer Brown on 5/10/2024

On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. The deviation relates to contractors’ compliance with...more

DOJ & FBI Issue New Guidelines for Delayed Reporting of Cyber Incidents to the SEC

Faegre Drinker Biddle & Reath LLP on 12/26/2023

Under the Securities and Exchange Commission’s (SEC) new Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rule (cybersecurity rule), public companies subject to the cybersecurity rule must promptly...more

SEC’s Cybersecurity Rules – SEC Issues Guidance and DOJ Establishes Processes for the National Security or Public Safety Exception

Alston & Bird on 12/22/2023

Our Securities and Privacy, Cyber & Data Strategy teams unpack the Department of Justice’s (DOJ) process for companies seeking to delay Form 8-K disclosures under the Securities and Exchange Commission’s (SEC) cybersecurity...more

Public Company Watch: December 2023

Paul Hastings LLP on 12/22/2023

In the December Public Company Watch, we cover key issues impacting public companies, including a preview of the SEC’s latest regulatory agenda, an update regarding the Fifth Circuit vacating the SEC’s share repurchase rules,...more

Cyber Incident Reporting Guidance: DOJ Explains How It Will Determine if a Public Disclosure Poses Substantial National Security...

Wiley Rein LLP on 12/14/2023

The cyber reporting landscape is rapidly shifting. Many agencies are developing rules, and a major player has been the U.S. Securities and Exchange Commission (SEC), with important questions arising about implementation of...more

SEC Cyber Reporting Mandates: How to Request a National Security or Public Safety Delay

Wiley Rein LLP on 12/12/2023

On December 18, the Securities and Exchange Commission's (SEC) new disclosure requirements go into effect and will require public companies to publicly report material cybersecurity incidents within four days of making a...more

SEC Adopts New and Burdensome Cybersecurity Disclosure Rules

Kohrman Jackson & Krantz LLP on 10/6/2023

The Securities and Exchange Commission (SEC) recently adopted rules requiring public companies to quickly disclose “material cybersecurity incidents” and to annually disclose material information regarding a company’s...more

DHS Calls for Critical Harmonization of Cyber Incident Reporting

Wiley Rein LLP on 9/27/2023

On September 19, 2023, the Department of Homeland Security (DHS) released a Report to Congress (Report) on the Harmonization of Cyber Incident Reporting to the Federal Government. The Report reflects on the 52 in-effect or...more

Cyber Incident Reporting Requirements To Be Implemented Under the Cyber Incident Reporting for Critical Infrastructure Act of 2022...

Lowenstein Sandler LLP on 9/12/2023

Background: In March 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) into law, ushering in a new era of enhanced cybersecurity measures. This legislation...more

SEC Cyber Rules Published in Federal Register

Paul Hastings LLP on 8/4/2023

The SEC’s Cybersecurity Risk Management Strategy, Governance, and Incident Disclosure Rules were officially published in the Federal Register on August 4, 2023 and go into effect on September 5, 2023....more

Cybersecurity Implementation Plan Offers a Roadmap for Cyber Priorities

Perkins Coie on 8/2/2023

The Biden Administration recently reaffirmed its continued focus on cybersecurity by announcing an Implementation Plan for the National Cybersecurity Strategy (the Plan). The Plan provides a roadmap covering the policies and...more

SEC Finalizes Public Company Cybersecurity Disclosure Rules

Pillsbury Winthrop Shaw Pittman LLP on 7/31/2023

Under the SEC’s rules, public companies that are subject to reporting requirements must promptly disclose material cybersecurity incidents. The SEC’s Final Rules require public companies to report a material cybersecurity...more

SEC adopts new rule on cybersecurity risk management, disclosure

Constangy, Brooks, Smith & Prophete, LLP on 7/28/2023

On July 26, the Securities and Exchange Commission adopted a new rule regarding cybersecurity risk management, strategy, governance, and incident disclosure. The “Cybersecurity Incident Disclosure Rule” will be applicable to...more

The Biden Administration’s 2023 Cybersecurity Strategy Includes Potentially Significant Implications for the Technology Sector

Akin Gump Strauss Hauer & Feld LLP on 3/28/2023

On March 2, 2023, the Biden administration released the 2023 National Cybersecurity Strategy (the “Strategy”). The Strategy acknowledges that the United States “must [effect] fundamental shifts in how . . . [it] allocates...more

[Event] 9th National Conference on CFIUS - April 13th - 14th, Arlington, VA

American Conference Institute (ACI) on 3/22/2023

Hosted by American Conference Institute (ACI), the 9th National Conference on CFIUS returns for another exciting year with curated programming and an impressive lineup of leaders from government, industry and private practice...more

Client Alert: Biden-Harris Administration Cybersecurity Strategy

Jenner & Block on 3/9/2023

On March 1, 2023, the White House released a new National Cybersecurity Strategy (the Strategy) documenting the Biden-Harris administration’s approach to improving cybersecurity across the digital ecosystem. The Strategy...more

What Companies Need to Know About the New National Cybersecurity Strategy

Fenwick & West LLP on 3/9/2023

The White House announced last Thursday its highly anticipated National Cybersecurity Strategy (NCS). Although largely aspirational and short on concrete plans, the 39-page NCS is the Biden administration’s most ambitious...more

Office of the National Cyber Director Remains Nascent, Evaluations to Come as Efforts Mature

Wiley Rein LLP on 9/19/2022

In 2021, Congress created a new cyber leadership position within the White House, enacting a suggestion from the Cyberspace Solarium Commission, to develop a new Office of the National Cyber Director (ONCD). ...more

CISA Seeks Input on New Cybersecurity Reporting Requirements

Perkins Coie on 9/13/2022

President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The background and contours of CIRCIA are discussed in a previous update. CIRCIA authorizes and...more

Cyber Sirens Intensify: DOJ is Signaling Increased Enforcement of Cybercrime, Collaboration with the Private Sector and...

Vinson & Elkins LLP on 7/29/2022

Earlier this month, Deputy Attorney General Lisa O. Monaco spoke on cybersecurity developments at the International Conference on Cyber Security (“ICCS”); the same day, the U.S. Department of Justice (“DOJ”) released its...more

31 Results

View per page

Page: of 2

Cybersecurity › National Security › Cyber Incident Reporting

"My best business intelligence, in one easy email…"