News & Analysis as of

Cybersecurity Reporting Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
WilmerHale

Cybersecurity in the First 100 Days

WilmerHale on

This week, the Trump Administration reached the 100-day mark—a significant milestone in any presidential term wherein key administrative priorities and objectives are promulgated. Perhaps unsurprisingly, cybersecurity stands...more

DLA Piper

Will UK Cyber Reforms Keep Step with NIS2?

DLA Piper on

Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more

Hogan Lovells

The Cyber Security and Resilience Bill

Hogan Lovells on

On 1 April 2025, the UK Department for Science, Innovation and Technology issued a policy statement setting out its key proposals for the new Cyber Security and Resilience Bill. The Bill is intended to respond to an...more

A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Blake, Cassels & Graydon LLP

New Information Security Incident Framework for Quebec Financial Institutions

Blake, Cassels & Graydon LLP on

On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more

DLA Piper

UK: Will UK Cyber Reforms Keep Step with NIS2?

DLA Piper on

Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more

Orrick, Herrington & Sutcliffe LLP

OCC announces major information security incident

Orrick, Herrington & Sutcliffe LLP on

On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more

Troutman Pepper Locke

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

Quarles & Brady LLP

New York Cybersecurity Regulation Requires Submission of Compliance Certification or Acknowledgement of Noncompliance Next Week

Quarles & Brady LLP on

On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Baker Botts L.L.P.

SEC Commissioner Hester Peirce Raises Concerns Over Cyber Disclosure Rules

Baker Botts L.L.P. on

As public companies work to align with the SEC’s new cybersecurity disclosure requirements, Commissioner Hester Peirce is urging a reassessment of how these rules are applied—particularly during active cyber incidents. In a...more

Wiley Rein LLP

Update: DOJ and CISA Issue New National Security Program to Regulate Foreign Access to Sensitive Data

Wiley Rein LLP on

On January 8, 2025, the U.S. Department of Justice (Department or DOJ) issued new rules required by then-President Biden’s February 2024 Executive Order (EO) 14117 to establish a new regulatory framework aimed at “Preventing...more

A&O Shearman

Australia – new security standards for smart devices

A&O Shearman on

Established under the Cyber Security Act 2024 (the ‘Act’), the Cyber Security (security standards for smart devices) Rules 2025 (the ‘Rules’) set out the requirements for three security standards introduced to enhance the...more

A&O Shearman

EU DORA guidelines on estimation of costs of major ICT-related incidents published

A&O Shearman on

Translations have been published of the joint guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents...more

Akin Gump Strauss Hauer & Feld LLP

Preserving and Protecting the Integrity of American Elections (Trump EO Tracker)

Akin Gump Strauss Hauer & Feld LLP on

Enforce the Federal prohibition on foreign nationals voting in Federal elections. Requires documentary proof of United States citizenship and for verification from a State or local official for national mail voter...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Reminder: New York Cybersecurity Reporting Deadline April 15, 2025; New Regulations Effective May 1, 2025

Ogletree, Deakins, Nash, Smoak & Stewart,... on

Covered entities regulated by the New York State Department of Financial Services (NYDFS) must submit cybersecurity compliance forms by April 15, 2025. New sets of requirements for system monitoring and access privileges,...more

Davis Wright Tremaine LLP

Regulatory Reset? U.S. Cyber Incident Reporting Rules Face Congressional Scrutiny

Davis Wright Tremaine LLP on

Lawmakers expressed bipartisan support for significantly amending or eliminating some cybersecurity incident notification requirements during a recent hearing of the U.S. House Committee on Homeland Security's Subcommittee on...more

Dechert LLP

Dechert Cyber Bits - Issue 72

Dechert LLP on

Warby Parker Fined $1.5 Million Following HHS Investigation of Credential Stuffing Security Breach - On February 20, 2025, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a...more

J.S. Held

2025 J.S. Held Global Risk Report: Artificial Intelligence, Data & Digital Regulations

J.S. Held on

Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more

Dechert LLP

EDGAR Next: What Filers Need to Know and How They Can Prepare

Dechert LLP on

The Securities and Exchange Commission officially adopted the “EDGAR Next” changes to its Electronic Data Gathering, Analysis, and Retrieval system (“EDGAR”) on September 27, 2024. These changes to the EDGAR filing system...more

Katten Muchin Rosenman LLP

NYDFS Annual Compliance Submissions Due April 15, 2025 and New Compliance Requirements Effective on May 1, 2025

Katten Muchin Rosenman LLP on

As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more

Wiley Rein LLP

New DOJ Restrictions on Cross-Border Data Transactions Take Effect April 8: Ten Questions as Your Business Prepares to Comply

Wiley Rein LLP on

The U.S. Department of Justice’s (DOJ) sweeping new rule on cross-border data transactions is set to take effect in substantial part next month, with broad implications for companies that transfer U.S. personal data or...more

K&L Gates LLP

Europe: National Regulators Announce Digital Operational Resilience Act Reporting Windows

K&L Gates LLP on

EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more

Orrick, Herrington & Sutcliffe LLP

NYDFS reminds covered entities to submit notifications by April 15

Orrick, Herrington & Sutcliffe LLP on

On February 27, NYDFS reminded covered entities subject to the Cybersecurity Regulation to submit their annual compliance notifications for the 2024 calendar year. Covered entities must submit the compliance filing by April...more

A&O Shearman

EU DORA technical standards published

A&O Shearman on

Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more

643 Results
 / 
View per page
Page: of 26
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide