News & Analysis as of

Cybersecurity Reporting Requirements Data Protection

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Carlton Fields

Construction Update: NAIC’s Privacy Protections and Cybersecurity Working Groups Keep Building

Carlton Fields on

The NAIC’s privacy protections and cybersecurity working groups have continued their building efforts....more

Dechert LLP

Dechert Cyber Bits - Issue 72

Dechert LLP on

Warby Parker Fined $1.5 Million Following HHS Investigation of Credential Stuffing Security Breach - On February 20, 2025, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a...more

J.S. Held

2025 J.S. Held Global Risk Report: Artificial Intelligence, Data & Digital Regulations

J.S. Held on

Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more

Wiley Rein LLP

New DOJ Restrictions on Cross-Border Data Transactions Take Effect April 8: Ten Questions as Your Business Prepares to Comply

Wiley Rein LLP on

The U.S. Department of Justice’s (DOJ) sweeping new rule on cross-border data transactions is set to take effect in substantial part next month, with broad implications for companies that transfer U.S. personal data or...more

K&L Gates LLP

Europe: National Regulators Announce Digital Operational Resilience Act Reporting Windows

K&L Gates LLP on

EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more

A&O Shearman

EU DORA technical standards published

A&O Shearman on

Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more

Katten Muchin Rosenman LLP

SEC Grants Further Relief From Including Personally Identifiable Information in CAT Reporting

Katten Muchin Rosenman LLP on

On February 10, the Securities and Exchange Commission (SEC) granted relief exempting industry members from reporting a natural person’s name, address, and year of birth to the Consolidated Audit Trail (CAT). Industry members...more

A&O Shearman

EU joint report on the feasibility for further centralization of reporting of major ICT-related incidents

A&O Shearman on

The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more

Wilson Sonsini Goodrich & Rosati

Not Just for DoD Anymore: New Proposed CUI Rule to Apply to All Federal Contractors

Wilson Sonsini Goodrich & Rosati on

On January 15, 2025, the Federal Acquisition Regulatory (FAR) Council issued a proposed rule that, if adopted, would uniformly define and protect Controlled Unclassified Information (CUI) across the government. The proposed...more

Faegre Drinker Biddle & Reath LLP

UK Government Launches Consultation on Ransomware Payments

Faegre Drinker Biddle & Reath LLP on

The UK government has launched a public consultation on proposed measures to combat ransomware — a growing cyber threat with serious economic and security implications — and seeks input from businesses, cybersecurity...more

Morgan Lewis - Tech & Sourcing

Preparing for DORA Compliance Deadline Arrives

Morgan Lewis - Tech & Sourcing on

Starting as of Friday, January 17, 2025, financial entities must now be compliant with the EU’s Digital Operational Resilience Act (DORA). Implementation efforts have accelerated in recent months to meet the deadline and in...more

Ankura

NIS2: What It Means for Businesses in APAC

Ankura on

NIS2 (Network and Information Systems Directive 2) is the updated version of the NIS Directive, which the EU first introduced in 2016. The original NIS Directive aimed to enhance cybersecurity across member states by...more

Tarter Krinsky & Drogin LLP

Businesses Have 30 Days to Report a Security Breach of New Yorker’s Private Information

Tarter Krinsky & Drogin LLP on

New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more

Sheppard Mullin Richter & Hampton LLP

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

King & Spalding

DOJ Issues Final Rule Restricting Foreign Access to U.S. Data

King & Spalding on

The rule imposes substantial new diligence, reporting, cybersecurity, and auditing obligations on companies. On December 27, 2024, the U.S. Department of Justice (“DOJ”) issued a final rule implementing Executive Order...more

HaystackID

[Webcast Transcript] Anatomy of a Business Email Compromise

HaystackID on

Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more

Harris Beach Murtha PLLC

Key Considerations for Selling AI Software to the Government

Harris Beach Murtha PLLC on

The federal government is the biggest purchaser in America and that extends to the SaaS space. On September 24, 2024, the Office of Management and Budget (OMB) released Memorandum M-24-18, offering updated guidelines for the...more

Troutman Pepper Locke

SEC Cybersecurity Incidents Disclosures: Materiality, Decryptors, and Ransom Payments - Dear Mary – Incidents + Investigations...

Troutman Pepper Locke on

I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more

J.S. Held

Benefits of a vCISO in the Age of AI-Driven Cyberattacks

J.S. Held on

Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more

Akerman LLP - Health Law Rx

FTC’s Updated Health Breach Notification Rule Puts Health App Developers on Notice

Akerman LLP - Health Law Rx on

The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more

Katten Muchin Rosenman LLP

Canada's Privacy Regulator Lauches New Tools for Data Breach Reporting

Katten Muchin Rosenman LLP on

On May 24, 2024, the Office of the Information and Privacy Commissioner of Canada (OPC) issued new guidance relating to data breach reporting for federal institutions and businesses....more

Foley Hoag LLP - Security, Privacy and the...

SEC Revamps and Enhances Data Protections with Amendments to Regulation S-P

Foley Hoag LLP - Security, Privacy and the... on

The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more

PilieroMazza PLLC

Coming Soon! CISA’s Proposed Rule on Government-wide Cybersecurity Reporting Requirements for Contractors

PilieroMazza PLLC on

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more

Blake, Cassels & Graydon LLP

Projet de loi 194 de l’Ontario : Réforme de la LAIPVP et nouvelles exigences de signalement des atteintes à la vie privée

Blake, Cassels & Graydon LLP on

Le 13 mai 2024, le gouvernement de l’Ontario (le « gouvernement ») a déposé le projet de loi 194, Loi de 2024 visant à renforcer la cybersécurité et la confiance dans le secteur public (le « projet de loi 194 »). S’il est...more

Blake, Cassels & Graydon LLP

New Ontario Bill 194 to Reform FIPPA and Introduce Mandatory Privacy Breach Reporting

Blake, Cassels & Graydon LLP on

On May 13, 2024, the Government of Ontario introduced Bill 194, the Strengthening Cyber Security and Building Trust in the Public Sector Act, 2024 (Bill 194), which, if passed, will significantly reform the Freedom of...more

122 Results
 / 
View per page
Page: of 5
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide