News & Analysis as of

Cybersecurity Regulatory Requirements Reporting Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Clark Hill PLC

Right To Know - June 2025, Vol. 30

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more

Sheppard Mullin Richter & Hampton LLP

North Dakota Passes New Data Security Law for “Financial Corporations”

Sheppard Mullin Richter & Hampton LLP on

North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more

DLA Piper

The Future of the SEC’s Cybersecurity Disclosure Rules

DLA Piper on

Adopted in July 2023, the US Securities and Exchange Commission (SEC)’s cybersecurity disclosure rules require public companies to report material cybersecurity incidents on Form 8-K and to annually report on their...more

K&L Gates LLP

Pay the Price, Now ‘Fess Up’: Reporting Obligations for Ransomware Payments Are Live

K&L Gates LLP on

As of 29 May 2025, the requirement on businesses to report ransomware payments they make has come into effect. What is the Requirement? If a reporting business entity becomes impacted by a cyber security incident and ends up...more

Hogan Lovells

Australia mandates first-of-its-kind reporting of ransomware payments

Hogan Lovells on

Australia has implemented a first-of-its kind requirement for eligible businesses to report ransomware payments. From 30 May 2025, eligible businesses that make a payment in response to a cyber security incident, or become...more

Mayer Brown Free Writings + Perspectives

SIFMA and Other Industry Groups Petition SEC for Recission of Cybersecurity Disclosure Requirement

Mayer Brown Free Writings + Perspectives on

In late May 2025, the Securities Industry and Financial Markets Association (SIFMA), together with the American Bankers Association, Bank Policy Institute, Independent Community Bankers of America, and Institute of...more

Venable LLP

A Closer Look at the Data Security Requirements in DOJ's Bulk Data Rule

Venable LLP on

As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more

Katten Muchin Rosenman LLP

SEC Signals Reevaluation of CAT Reporting Amid Broader Transparency and Regulatory Reform Efforts

Katten Muchin Rosenman LLP on

Securities and Exchange Commission (SEC) Chairman Paul S. Atkins recently directed SEC staff to conduct a review of the Consolidated Audit Trail (CAT), focusing on the escalating costs, reporting requirements, and...more

Blake, Cassels & Graydon LLP

Nouveau cadre relatif aux incidents de sécurité de l’information à l’intention des institutions financières québécoises

Blake, Cassels & Graydon LLP on

Le 23 avril 2025, le Règlement sur la gestion et le signalement des incidents de sécurité de l’information de certaines institutions financières et des agents d’évaluation du crédit (le « Règlement ») est entré en vigueur au...more

Carlton Fields

Construction Update: NAIC’s Privacy Protections and Cybersecurity Working Groups Keep Building

Carlton Fields on

The NAIC’s privacy protections and cybersecurity working groups have continued their building efforts....more

DLA Piper

Will UK Cyber Reforms Keep Step with NIS2?

DLA Piper on

Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more

Hogan Lovells

The Cyber Security and Resilience Bill

Hogan Lovells on

On 1 April 2025, the UK Department for Science, Innovation and Technology issued a policy statement setting out its key proposals for the new Cyber Security and Resilience Bill. The Bill is intended to respond to an...more

A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Blake, Cassels & Graydon LLP

New Information Security Incident Framework for Quebec Financial Institutions

Blake, Cassels & Graydon LLP on

On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more

DLA Piper

UK: Will UK Cyber Reforms Keep Step with NIS2?

DLA Piper on

Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more

Troutman Pepper Locke

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

Quarles & Brady LLP

New York Cybersecurity Regulation Requires Submission of Compliance Certification or Acknowledgement of Noncompliance Next Week

Quarles & Brady LLP on

On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Baker Botts L.L.P.

SEC Commissioner Hester Peirce Raises Concerns Over Cyber Disclosure Rules

Baker Botts L.L.P. on

As public companies work to align with the SEC’s new cybersecurity disclosure requirements, Commissioner Hester Peirce is urging a reassessment of how these rules are applied—particularly during active cyber incidents. In a...more

A&O Shearman

Australia – new security standards for smart devices

A&O Shearman on

Established under the Cyber Security Act 2024 (the ‘Act’), the Cyber Security (security standards for smart devices) Rules 2025 (the ‘Rules’) set out the requirements for three security standards introduced to enhance the...more

J.S. Held

2025 J.S. Held Global Risk Report: Artificial Intelligence, Data & Digital Regulations

J.S. Held on

Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more

Katten Muchin Rosenman LLP

NYDFS Annual Compliance Submissions Due April 15, 2025 and New Compliance Requirements Effective on May 1, 2025

Katten Muchin Rosenman LLP on

As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more

Wiley Rein LLP

New DOJ Restrictions on Cross-Border Data Transactions Take Effect April 8: Ten Questions as Your Business Prepares to Comply

Wiley Rein LLP on

The U.S. Department of Justice’s (DOJ) sweeping new rule on cross-border data transactions is set to take effect in substantial part next month, with broad implications for companies that transfer U.S. personal data or...more

K&L Gates LLP

Europe: National Regulators Announce Digital Operational Resilience Act Reporting Windows

K&L Gates LLP on

EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more

Orrick, Herrington & Sutcliffe LLP

NYDFS reminds covered entities to submit notifications by April 15

Orrick, Herrington & Sutcliffe LLP on

On February 27, NYDFS reminded covered entities subject to the Cybersecurity Regulation to submit their annual compliance notifications for the 2024 calendar year. Covered entities must submit the compliance filing by April...more

56 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide