News & Analysis as of

Cybersecurity Regulatory Requirements Compliance

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
BakerHostetler

Data Governance: Practical Considerations for a Reasonable Security Program

BakerHostetler on

Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more

Mitratech Holdings, Inc

EU Cyber Resilience Act: How to Prepare Now

Mitratech Holdings, Inc on

The EU Cyber Resilience Act (CRA), adopted by the European Parliament in 2024, marks a major milestone in European cybersecurity legislation. As the first EU-wide law focused on the cybersecurity of digital products, it...more

Ropes & Gray LLP

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Ropes & Gray LLP on

The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more

A&O Shearman

Operational resilience in banking: from regulatory compliance to strategic priority

A&O Shearman on

As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more

McCarter & English Blog: Government Contracts...

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Bradley Arant Boult Cummings LLP

Key Legal Issues Facing U.S. Government Contractors in 2025

Bradley Arant Boult Cummings LLP on

As the regulatory environment continues to evolve in the new administration, U.S. government contractors are facing an increasingly complex array of legal challenges. Staying compliant and competitive requires close attention...more

Sheppard Mullin Richter & Hampton LLP

Insurance Cybersecurity Certifications: An (Updated) State Roundup

Sheppard Mullin Richter & Hampton LLP on

Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more

Health Care Compliance Association (HCCA)

OCR Loses Staff, Faces Move to New ‘Enforcement’ Office; Will HIPAA Focus, Independence Suffer?

Health Care Compliance Association (HCCA) on

Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more

Alston & Bird

UK Government Publishes Cyber Governance Code of Practice for Boards and Directors

Alston & Bird on

On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Sheppard Mullin Richter & Hampton LLP

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

Sheppard Mullin Richter & Hampton LLP on

On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more

Integreon

DORA Compliance Part 1: Proactively Meeting DORA Supply Chain Resilience Obligations

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

A&O Shearman

Hong Kong passes its first Cybersecurity Law to safeguard critical infrastructure

A&O Shearman on

Hong Kong’s Legislative Council passed the Protection of Critical Infrastructures (Computer Systems) Bill (the “CI Bill”) on March 19, 2025. This landmark legislation aims to enhance cybersecurity and minimize disruptions...more

Gardner Law

Why Compliance Audits Are Non-Negotiable

Gardner Law on

In today’s heightened enforcement environment, compliance auditing isn’t just a best practice—it’s a necessity. Federal and state laws and industry guidance, including the Office of Inspector General (OIG) Compliance Program...more

HaystackID

[Webcast Transcript] Discovering Data Quickly in High-Stakes White-Collar Investigations

HaystackID on

Editor’s Note: White-collar investigations can send shockwaves through an organization, demanding swift, strategic, and legally sound responses. In a recent HaystackID® webcast, experts broke down the complexities of...more

Husch Blackwell LLP

Deadline Ahead: NYDFS Compliance Notifications are due by April 15

Husch Blackwell LLP on

Businesses that are subject to the NYDFS Cybersecurity Regulations have four weeks left to submit their annual notices of compliance or acknowledge their noncompliance. When the regulations were amended in 2023, several of...more

Walkers

Enhanced Cayman Islands licensing framework for virtual asset custody providers and trading platform operators takes effect from 1...

Walkers on

With effect from 1 April 2025, the licensing regime under the VASP Act will be implemented, requiring those providing virtual asset custody services or operating virtual asset trading platforms to obtain a licence under the...more

Perkins Coie

HHS Proposal To Strengthen HIPAA Security Rule

Perkins Coie on

Earlier this year, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) adopted a new proposal to strengthen the Health Insurance Portability and Accountability Act (HIPAA) security standards...more

Husch Blackwell LLP

Raising Capital in a Highly Regulated Market

Husch Blackwell LLP on

For early-stage life sciences and health tech companies, raising capital is about more than demonstrating scientific promise. Investors are increasingly focused on regulatory preparedness, reimbursement strategy, and risk...more

Lighthouse

Strategic Insights for Safeguarding Information with Microsoft Purview

Lighthouse on

Successful Microsoft Purview deployments require more than just technical implementation—they demand strategic planning, cross-functional collaboration, and ongoing optimization. Read about the key steps required to...more

King & Spalding

EU & UK AI Round-up

King & Spalding on

The first EU & UK AI Round-up, published on 15 January 2025, discussed the important regulatory updates affecting the AI ecosystem in both the EU and the UK that occurred towards the end of 2024. Notably since that update,...more

Wiley Rein LLP

New DOJ Restrictions on Cross-Border Data Transactions Take Effect April 8: Ten Questions as Your Business Prepares to Comply

Wiley Rein LLP on

The U.S. Department of Justice’s (DOJ) sweeping new rule on cross-border data transactions is set to take effect in substantial part next month, with broad implications for companies that transfer U.S. personal data or...more

Mitratech Holdings, Inc

How to Automate Vendor Risk Management

Mitratech Holdings, Inc on

Learn how automating third-party risk management (TPRM) can enhance efficiency, security, and compliance and help businesses proactively address vendor risks....more

A&O Shearman

ESAs roadmap for designation of critical ICT third-party service providers under DORA

A&O Shearman on

The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more

Harris Beach Murtha PLLC

May 1 Deadline for Amendments to NY Department of Financial Services Cybersecurity Standard

Harris Beach Murtha PLLC on

New York State’s Department of Financial Services is warning all regulated entities has released a Cybersecurity Regulation Updates and Reminder warning all companies that all regulated entities without a full exception that...more

138 Results
 / 
View per page
Page: of 6
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide