News & Analysis as of

Cybersecurity Regulatory Requirements Risk Management

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Robinson+Cole Data Privacy + Security Insider

CISO’s: Take a Look at CSC’s CISO Outlook 2025 Report

Robinson+Cole Data Privacy + Security Insider on

Cybersecurity firm CSC recently issued its CISO Outlook 2025 Report, which predicts cybersecurity challenges CISOs will face in the next year. The report, from a survey of 300 CISOs and cybersecurity professionals globally,...more

K&L Gates LLP

United States: The Great SEC Spring Clean Up–14 Proposals Wiped Away

K&L Gates LLP on

Spring is a time of renewal, and the US Securities and Exchange Commission (SEC)–under its new chairman, Paul Atkins–has shown that. On 12 June 2025, the SEC withdrew 14 proposed rules impacting funds and asset managers,...more

Paul Hastings LLP

SEC Withdraws 14 Pending Rule Proposals

Paul Hastings LLP on

On June 12, the Securities and Exchange Commission (SEC) formally withdrew 14 proposed rules for investment advisers, broker-dealers and public companies, many of which had been pending for several years. Should the SEC...more

McCarter & English, LLP

Don’t Get Caught in Scattered Spider’s Web

McCarter & English, LLP on

The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more

Sheppard Mullin Richter & Hampton LLP

North Dakota Passes New Data Security Law for “Financial Corporations”

Sheppard Mullin Richter & Hampton LLP on

North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more

A&O Shearman

The convergence of privacy, AI, and cybersecurity: what fintech GCs should prioritize now

A&O Shearman on

The intersection of privacy, cybersecurity, and AI is reshaping risk and regulation in fintech. In a recent episode of The Fintech and Blockchain Podcast, our team explored how fast-moving developments—from AI-powered...more

Reveal

How to Navigate FedRAMP Compliance for eDiscovery in Federal Agencies

Reveal on

96% of companies currently use the public cloud, but Gartner predicts that there's more to that reliance than a convenient source of digital storage. Their leading experts believe that the cloud will be a business necessity...more

Thomas Fox - Compliance Evangelist

Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder

Thomas Fox - Compliance Evangelist on

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance as he visits with top innovative minds, thinkers and creators in the...more

Mayer Brown Free Writings + Perspectives

SIFMA and Other Industry Groups Petition SEC for Recission of Cybersecurity Disclosure Requirement

Mayer Brown Free Writings + Perspectives on

In late May 2025, the Securities Industry and Financial Markets Association (SIFMA), together with the American Bankers Association, Bank Policy Institute, Independent Community Bankers of America, and Institute of...more

Morgan Lewis - Tech & Sourcing

NIST Releases Updated Incident Response Guidance Under Its Cybersecurity Framework

Morgan Lewis - Tech & Sourcing on

During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more

A&O Shearman

The cyber-nuclear nexus: safeguarding clean energy

A&O Shearman on

Politicians’ and tech giants’ embrace of nuclear energy to power AI heightens the urgency to protect critical infrastructure from cyber threats....more

Jackson Lewis P.C.

New DOL/EBSA Opinion Letter Program Offers A Path to Clarity for Plan Sponsors

Jackson Lewis P.C. on

On June 2, 2025, the U.S. Department of Labor (DOL) announced a significant expansion of its compliance assistance tools by launching an Opinion Letter Program across five key enforcement agencies, including the Employee...more

Venable LLP

A Closer Look at the Data Security Requirements in DOJ's Bulk Data Rule

Venable LLP on

As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more

Jones Day

EU Geopolitical Risk Update - Key Policy & Regulatory Developments No. 121

Jones Day on

This regular alert covers key policy and regulatory developments related to EU geopolitical risks, including in particular, economic security, Russia’s war against Ukraine, health threats, and cyber threats. It does not...more

Alston & Bird

European Vulnerability Database Published by the European Union Agency for Cybersecurity

Alston & Bird on

The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a tool designed to enhance digital security across the EU. The EUVD is available here....more

Orrick, Herrington & Sutcliffe LLP

GAO report focuses on AI use in financial services

Orrick, Herrington & Sutcliffe LLP on

On May 19, the GAO published a report discussing the use and oversight of AI in financial services. The report highlighted the benefits of AI, such as improved efficiency, reduced costs, and enhanced customer experience,...more

BakerHostetler

Data Governance: Practical Considerations for a Reasonable Security Program

BakerHostetler on

Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more

A&O Shearman

Cybersecurity in mining: protecting infrastructure and digital assets

A&O Shearman on

The mining sector is increasingly at risk from cyber attacks, and many companies are racing to defend themselves against the backdrop of a rapidly changing threat landscape. Ross Phillipson and Anna Rudawski explore what is...more

A&O Shearman

CMORG AI Taskforce releases comprehensive AI Baseline Guidance

A&O Shearman on

The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of...more

Orrick, Herrington & Sutcliffe LLP

OIG makes seven recommendations for CFPB following major incident

Orrick, Herrington & Sutcliffe LLP on

On May 5, the OIG for the Fed authored a report with several recommendations for the CFPB following a major security incident regarding confidential supervisory information (CSI). The OIG issued four findings with seven...more

Alston & Bird

UK Publishes Software Security Code

Alston & Bird on

Cyber security supply chain risks are growing, and attacks on vendors and other third parties cause severe disruption to businesses. For example, in recent years we have seen many incidents that have involved threat actors...more

Mitratech Holdings, Inc

EU Cyber Resilience Act: How to Prepare Now

Mitratech Holdings, Inc on

The EU Cyber Resilience Act (CRA), adopted by the European Parliament in 2024, marks a major milestone in European cybersecurity legislation. As the first EU-wide law focused on the cybersecurity of digital products, it...more

Bradley Arant Boult Cummings LLP

Colorado’s Artificial Intelligence Act (CAIA) Updates: A Summary of CAIA’s Consumer Protections When Interacting with Artificial...

Bradley Arant Boult Cummings LLP on

During the 2024 legislative session, the Colorado General Assembly passed Senate Bill 24-205, which is known as the Colorado Artificial Intelligence Act (CAIA). This law will take effect on February 1, 2026, and requires...more

Hogan Lovells

NYDFS: Penultimate set of cybersecurity requirements under amended Part 500 take effect May 1, 2025

Hogan Lovells on

On May 1, 2025, additional cybersecurity requirements introduced by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) took...more

Woodruff Sawyer

Fiduciary Duty in the Digital Age: Cybersecurity Best Practices for ERISA Plans

Woodruff Sawyer on

Cybercriminals look for two things when seeking a victim—access and opportunity. ERISA retirement plans offer both. Cybercriminals exploit weaknesses in systems, software, or human behavior to find opportunities for easy...more

268 Results
 / 
View per page
Page: of 11
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide