News & Analysis as of

Cybersecurity Reporting Requirements Regulatory Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Carlton Fields

Construction Update: NAIC’s Privacy Protections and Cybersecurity Working Groups Keep Building

Carlton Fields on

The NAIC’s privacy protections and cybersecurity working groups have continued their building efforts....more

DLA Piper

Will UK Cyber Reforms Keep Step with NIS2?

DLA Piper on

Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more

Hogan Lovells

The Cyber Security and Resilience Bill

Hogan Lovells on

On 1 April 2025, the UK Department for Science, Innovation and Technology issued a policy statement setting out its key proposals for the new Cyber Security and Resilience Bill. The Bill is intended to respond to an...more

A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Blake, Cassels & Graydon LLP

New Information Security Incident Framework for Quebec Financial Institutions

Blake, Cassels & Graydon LLP on

On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more

DLA Piper

UK: Will UK Cyber Reforms Keep Step with NIS2?

DLA Piper on

Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more

Troutman Pepper Locke

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

Quarles & Brady LLP

New York Cybersecurity Regulation Requires Submission of Compliance Certification or Acknowledgement of Noncompliance Next Week

Quarles & Brady LLP on

On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Baker Botts L.L.P.

SEC Commissioner Hester Peirce Raises Concerns Over Cyber Disclosure Rules

Baker Botts L.L.P. on

As public companies work to align with the SEC’s new cybersecurity disclosure requirements, Commissioner Hester Peirce is urging a reassessment of how these rules are applied—particularly during active cyber incidents. In a...more

A&O Shearman

Australia – new security standards for smart devices

A&O Shearman on

Established under the Cyber Security Act 2024 (the ‘Act’), the Cyber Security (security standards for smart devices) Rules 2025 (the ‘Rules’) set out the requirements for three security standards introduced to enhance the...more

J.S. Held

2025 J.S. Held Global Risk Report: Artificial Intelligence, Data & Digital Regulations

J.S. Held on

Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more

Katten Muchin Rosenman LLP

NYDFS Annual Compliance Submissions Due April 15, 2025 and New Compliance Requirements Effective on May 1, 2025

Katten Muchin Rosenman LLP on

As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more

Wiley Rein LLP

New DOJ Restrictions on Cross-Border Data Transactions Take Effect April 8: Ten Questions as Your Business Prepares to Comply

Wiley Rein LLP on

The U.S. Department of Justice’s (DOJ) sweeping new rule on cross-border data transactions is set to take effect in substantial part next month, with broad implications for companies that transfer U.S. personal data or...more

K&L Gates LLP

Europe: National Regulators Announce Digital Operational Resilience Act Reporting Windows

K&L Gates LLP on

EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more

Orrick, Herrington & Sutcliffe LLP

NYDFS reminds covered entities to submit notifications by April 15

Orrick, Herrington & Sutcliffe LLP on

On February 27, NYDFS reminded covered entities subject to the Cybersecurity Regulation to submit their annual compliance notifications for the 2024 calendar year. Covered entities must submit the compliance filing by April...more

A&O Shearman

EU DORA technical standards published

A&O Shearman on

Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more

Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

BCLP

Key Points From BCLP's Recent Public Company Update Program

BCLP on

BCLP hosted its annual CLE event, "Public Company Update and Other Trending Topics,” in St. Louis recently. Some of the key issues covered by the event, along with some takeaway considerations for companies, include the...more

Barnea Jaffa Lande & Co.

Legislative updates for regulated financial service-providers – inception of the Financial Information Service Law

Barnea Jaffa Lande & Co. on

Financial Information Service Order – Postponement Order Due to requests from licensed credit providers and licensed operators of credit brokerage system, who are deemed as information sources pursuant to the Financial...more

Wyrick Robbins Yates & Ponton LLP

EDGAR Next: Questions and Answers

Wyrick Robbins Yates & Ponton LLP on

This year, the Securities and Exchange Commission (the “SEC”) is rolling out significant technical changes to its electronic filing system, EDGAR (which stands for Electronic Data Gathering, Analysis and Retrieval), aimed at...more

A&O Shearman

EU joint report on the feasibility for further centralization of reporting of major ICT-related incidents

A&O Shearman on

The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more

Cadwalader, Wickersham & Taft LLP

DORA Now in Force in the EU

Cadwalader, Wickersham & Taft LLP on

Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (“DORA”), which establishes a uniform set of requirements relating to the security of network and information systems supporting financial...more

Wilson Sonsini Goodrich & Rosati

DORA: New EU Cybersecurity Requirements for the Financial Sector Enter into Force

Wilson Sonsini Goodrich & Rosati on

Starting January 17, 2025, the Digital Operational Resilience Act (DORA) will require financial entities and their critical information and communication technology (ICT) service providers to comply with enhanced...more

Walkers

Navigating DORA: Key compliance steps from 17 January 2025

Walkers on

DORA is now applicable, imposing requirements in respect of ICT risk management and digital operational resilience. Firms should be preparing their register of information ready for sharing with the CBI in April....more

47 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide