News & Analysis as of

Cybersecurity Reporting Requirements Risk Management

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Quarles & Brady LLP

New York Cybersecurity Regulation Requires Submission of Compliance Certification or Acknowledgement of Noncompliance Next Week

Quarles & Brady LLP on

On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Baker Botts L.L.P.

SEC Commissioner Hester Peirce Raises Concerns Over Cyber Disclosure Rules

Baker Botts L.L.P. on

As public companies work to align with the SEC’s new cybersecurity disclosure requirements, Commissioner Hester Peirce is urging a reassessment of how these rules are applied—particularly during active cyber incidents. In a...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Reminder: New York Cybersecurity Reporting Deadline April 15, 2025; New Regulations Effective May 1, 2025

Ogletree, Deakins, Nash, Smoak & Stewart,... on

Covered entities regulated by the New York State Department of Financial Services (NYDFS) must submit cybersecurity compliance forms by April 15, 2025. New sets of requirements for system monitoring and access privileges,...more

Davis Wright Tremaine LLP

Regulatory Reset? U.S. Cyber Incident Reporting Rules Face Congressional Scrutiny

Davis Wright Tremaine LLP on

Lawmakers expressed bipartisan support for significantly amending or eliminating some cybersecurity incident notification requirements during a recent hearing of the U.S. House Committee on Homeland Security's Subcommittee on...more

J.S. Held

2025 J.S. Held Global Risk Report: Artificial Intelligence, Data & Digital Regulations

J.S. Held on

Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more

Dechert LLP

EDGAR Next: What Filers Need to Know and How They Can Prepare

Dechert LLP on

The Securities and Exchange Commission officially adopted the “EDGAR Next” changes to its Electronic Data Gathering, Analysis, and Retrieval system (“EDGAR”) on September 27, 2024. These changes to the EDGAR filing system...more

Katten Muchin Rosenman LLP

NYDFS Annual Compliance Submissions Due April 15, 2025 and New Compliance Requirements Effective on May 1, 2025

Katten Muchin Rosenman LLP on

As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more

K&L Gates LLP

Europe: National Regulators Announce Digital Operational Resilience Act Reporting Windows

K&L Gates LLP on

EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more

A&O Shearman

EU DORA technical standards published

A&O Shearman on

Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more

Mayer Brown Free Writings + Perspectives

FINRA Publishes 2025 Annual Regulatory Oversight Report

Mayer Brown Free Writings + Perspectives on

The Financial Industry Regulatory Authority, Inc. (“FINRA”) published its 2025 FINRA Annual Regulatory Oversight Report (the “Report”), which builds on the structure and content of FINRA’s prior reports for 2021-2024. This...more

Katten Muchin Rosenman LLP

SEC Grants Further Relief From Including Personally Identifiable Information in CAT Reporting

Katten Muchin Rosenman LLP on

On February 10, the Securities and Exchange Commission (SEC) granted relief exempting industry members from reporting a natural person’s name, address, and year of birth to the Consolidated Audit Trail (CAT). Industry members...more

BCLP

Key Points From BCLP's Recent Public Company Update Program

BCLP on

BCLP hosted its annual CLE event, "Public Company Update and Other Trending Topics,” in St. Louis recently. Some of the key issues covered by the event, along with some takeaway considerations for companies, include the...more

Morrison & Foerster LLP

Reminders for the 2025 Reporting Season

Morrison & Foerster LLP on

Many companies are in the midst of preparing their year-end Annual Reports on Form 10-K and looking ahead to their annual meeting of shareholders. In addition to changes to rules, regulations and disclosure trends, the...more

Wilson Sonsini Goodrich & Rosati

Snapshot: The First Year of Cybersecurity Incident Filings on Form 8-K Since Adoption of New Rules

Wilson Sonsini Goodrich & Rosati on

In July 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring public companies to report material cybersecurity incidents under new Item 1.05 of Form 8-K beginning on December 18, 2023. Our...more

Orrick, Herrington & Sutcliffe LLP

FINRA publishes its 2025 Regulatory Oversight Report

Orrick, Herrington & Sutcliffe LLP on

On January 28, FINRA published its 2025 FINRA Regulatory Oversight Report, which highlights areas identifying compliance gaps and observing emerging risks. The report introduced new topics such as the third-party risk...more

Vinson & Elkins LLP

Deadline to Comment on TSA Proposed Rule on Enhancing Cyber Risk Management for Surface Transportation Sectors

Vinson & Elkins LLP on

On November 7, 2024, the Transportation Security Administration (the “TSA”) published a Notice of Proposed Rulemaking (the “Proposed Rule”) that would mandate cyber risk management (“CRM”) and reporting requirements for...more

Ropes & Gray LLP

Capital Markets & Governance Insights - January 2025

Ropes & Gray LLP on

Companies should not minimize the extent of a material cybersecurity incident by omitting material facts regarding the scope and potential impact of the incident. Cybersecurity risk factor disclosures should be tailored to a...more

A&O Shearman

EU joint report on the feasibility for further centralization of reporting of major ICT-related incidents

A&O Shearman on

The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more

SEC Compliance Consultants, Inc. (SEC³)

Lessons From 2024: Tips for Private Fund Managers

SEC Compliance Consultants, Inc. (SEC³) on

As we look back on the SEC’s actions in 2024, we wanted to share our thoughts on lessons learned that we believe will carry through to 2025....more

Cadwalader, Wickersham & Taft LLP

DORA Now in Force in the EU

Cadwalader, Wickersham & Taft LLP on

Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (“DORA”), which establishes a uniform set of requirements relating to the security of network and information systems supporting financial...more

Morrison & Foerster LLP - Government...

Proposed Regulation on Controlled Unclassified Information Standardizes Process for CUI Identification and Handling Across Federal...

Morrison & Foerster LLP - Government... on

The Federal Acquisition Regulation (FAR) Council issued its long awaited proposed rule on Controlled Unclassified Information (CUI) on January 15, 2025. The proposed rule establishes a common form to be used by all federal...more

Wilson Sonsini Goodrich & Rosati

Not Just for DoD Anymore: New Proposed CUI Rule to Apply to All Federal Contractors

Wilson Sonsini Goodrich & Rosati on

On January 15, 2025, the Federal Acquisition Regulatory (FAR) Council issued a proposed rule that, if adopted, would uniformly define and protect Controlled Unclassified Information (CUI) across the government. The proposed...more

Hogan Lovells

UK Insurance Horizon Scanner - January 2025

Hogan Lovells on

DATE DETAILS 1 January Critical third parties: Final rules and policy on critical third parties set out in the joint policy statement of the PRA and FCA (PS16/24 and PS24/16) came into effect. Certain requirements are subject...more

185 Results
 / 
View per page
Page: of 8
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide