News & Analysis as of

Cybersecurity Reporting Requirements Cyber Incident Reporting

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Carlton Fields

Construction Update: NAIC’s Privacy Protections and Cybersecurity Working Groups Keep Building

Carlton Fields on

The NAIC’s privacy protections and cybersecurity working groups have continued their building efforts....more

WilmerHale

Cybersecurity in the First 100 Days

WilmerHale on

This week, the Trump Administration reached the 100-day mark—a significant milestone in any presidential term wherein key administrative priorities and objectives are promulgated. Perhaps unsurprisingly, cybersecurity stands...more

DLA Piper

Will UK Cyber Reforms Keep Step with NIS2?

DLA Piper on

Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more

A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Davis Wright Tremaine LLP

Regulatory Reset? U.S. Cyber Incident Reporting Rules Face Congressional Scrutiny

Davis Wright Tremaine LLP on

Lawmakers expressed bipartisan support for significantly amending or eliminating some cybersecurity incident notification requirements during a recent hearing of the U.S. House Committee on Homeland Security's Subcommittee on...more

Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Wilson Sonsini Goodrich & Rosati

Snapshot: The First Year of Cybersecurity Incident Filings on Form 8-K Since Adoption of New Rules

Wilson Sonsini Goodrich & Rosati on

In July 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring public companies to report material cybersecurity incidents under new Item 1.05 of Form 8-K beginning on December 18, 2023. Our...more

Vinson & Elkins LLP

Deadline to Comment on TSA Proposed Rule on Enhancing Cyber Risk Management for Surface Transportation Sectors

Vinson & Elkins LLP on

On November 7, 2024, the Transportation Security Administration (the “TSA”) published a Notice of Proposed Rulemaking (the “Proposed Rule”) that would mandate cyber risk management (“CRM”) and reporting requirements for...more

Morgan Lewis - Tech & Sourcing

UK Government Proposes Targeted Ban on Ransomware Payments

Morgan Lewis - Tech & Sourcing on

On January 14, the UK government published a consultation on new measures to tackle the increasing threat of ransomware attacks. Ransomware is malicious software (malware) that infects a victim’s computer system and prevents...more

Wilson Sonsini Goodrich & Rosati

Ransomware Attacks: UK Government Proposes Ransom Payment Ban and Mandatory Notification Requirements

Wilson Sonsini Goodrich & Rosati on

On January 14, 2025, the UK government unveiled a proposed framework aimed at combating the rise of ransomware attacks by implementing a payment prevention and reporting regime. This would require companies to not only report...more

DLA Piper

UK: Consultation on Ransomware payments

DLA Piper on

On 14 January 2025, the UK Home Office published a consultation paper focusing on legislative proposals to reduce payments to cyber criminals and increasing incident reporting. ...more

Ankura

NIS2: What It Means for Businesses in APAC

Ankura on

NIS2 (Network and Information Systems Directive 2) is the updated version of the NIS Directive, which the EU first introduced in 2016. The original NIS Directive aimed to enhance cybersecurity across member states by...more

Blank Rome LLP

The FAR Council Publishes Long-Awaited CUI Rule

Blank Rome LLP on

On January 15, 2025, the Federal Acquisition Regulation (“FAR”) Council issued its long-awaited “CUI Rule.” CUI, or Controlled Unclassified Information, is information that the government creates or possesses, or that an...more

A&O Shearman

FORMS 10-K AND 20-F - Preparing for your Annual report

A&O Shearman on

This guide discusses important themes and trends for the coming annual reporting season. It also includes a “housekeeping checklist” designed to assist you as you prepare your annual report. ANNUAL CYBERSECURITY...more

Vinson & Elkins LLP

Proposed Cybersecurity Regulation Uncertain Under Trump Administration

Vinson & Elkins LLP on

Proposed cybersecurity regulation may face changes or challenges in view of the incoming Trump administration that is intent on reducing the perceived regulatory burden on American companies and streamlining government...more

Troutman Pepper Locke

6 Considerations to Determine if a Cyber Incident Is Material

Troutman Pepper Locke on

In late June, the staff of the U.S. Securities and Exchange Commission’s Division of Corporation Finance released five new compliance and disclosure interpretations regarding the disclosure of material cybersecurity incidents...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

Latham & Watkins LLP

Recent Developments for Directors - November 2024

Latham & Watkins LLP on

SEC Penalizes Director for Misleading D&O Questionnaire Response - The SEC recently brought an enforcement action against a director for causing violations of the proxy rules by failing to disclose a close personal...more

White & Case LLP

SEC Enforcement Heats up on Key Public Company Topics: Cyber Disclosure, Director Independence and Regulation FD

White & Case LLP on

The U.S. Securities and Exchange Commission's ("SEC") Division of Enforcement has recently brought a spate of enforcement actions relating to key topics for public companies. These include enforcement actions related to...more

Mayer Brown

Trends in US Cybersecurity Regulation

Mayer Brown on

As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more

Society of Corporate Compliance and Ethics...

The SEC’s cybersecurity and disclosure rules: The questions compliance pros still have

Society of Corporate Compliance and Ethics... on

The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more

Cooley LLP

SEC Enforcement mini-sweep charges hypothetical risk factors and other misleading cyber disclosures

Cooley LLP on

On Tuesday, the SEC announced settled charges against four companies for “making materially misleading disclosures regarding cybersecurity risks and intrusions. The charges against the companies, Unisys Corp., Avaya Holdings...more

Carlton Fields

Going Up: SEC Cyber Incident Reporting - Regulation S-P Amendments Take It to Next Level

Carlton Fields on

On May 16, 2024, the SEC breathed new life into its decades-old Regulation S-P, which requires firms to adopt policies and procedures for the protection of customer information and records. The amended rule balloons the...more

McDermott Will & Emery

Special Report: Preparing for CIRCIA’S Reporting Requirements and Avoiding Its Harsh Penalties

McDermott Will & Emery on

The US Cybersecurity and Infrastructure Security Agency (CISA) recently published a Notice for Proposed Rulemaking intended to supplement the Cybersecurity Incident Reporting for Critical Infrastructure Act (CIRCIA). The...more

Ankura

Navigating the NY DFS Cybersecurity Amendments: A Timeline for 2024 Through 2025

Ankura on

In December 2023, the New York Department of Financial Services (NY DFS) issued amendments to the cybersecurity requirements, originally adopted in 2017, which include expanded control requirements and stricter reporting...more

227 Results
 / 
View per page
Page: of 10
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide