News & Analysis as of

Cybersecurity Risk Assessment

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Accelerynt, Inc.

How I Learned to Prioritize in Cybersecurity—and Why It Changed Everything

Accelerynt, Inc. on

I didn’t plan on working in cybersecurity. My path wasn’t exactly traditional, but every job I had taught me how systems break—technical or operational, it didn’t matter. ...more

A&O Shearman

EBA publishes spring 2025 risk assessment report

A&O Shearman on

The European Banking Authority (EBA) has published its spring 2025 risk assessment report alongside a press release, outlining key developments and emerging risks within the European Union/European Economic Area (EU/EEA). The...more

Jackson Lewis P.C.

HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations

Jackson Lewis P.C. on

Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more

Husch Blackwell LLP

FBI Notes Increase in Cyber Activity Targeting Operational Technology

Husch Blackwell LLP on

On June 30, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Department of Defense Cyber Crime Center (DC3) published a...more

Gardner Law

FDA Finalizes Cybersecurity Premarket Guidance: What It Means for Medical Device Makers

Gardner Law on

The FDA has finalized its guidance on cybersecurity for medical device premarket submissions, providing additional insight into the agency’s expectations for how manufacturers integrate cybersecurity risk management into...more

Woodruff Sawyer

Managing Your Supply Chain Cyber Risk

Woodruff Sawyer on

Most organizations rely on complex supply chains, and that reliance has become a point of vulnerability for cyberattacks. This spring, we have witnessed a large-scale cyberattack on a major British multinational retailer due...more

Paul Hastings LLP

The Changing Cyber Threat Landscape and Lessons Learned From Data Breaches

Paul Hastings LLP on

Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more

Robinson+Cole Data Privacy + Security Insider

New Hires More Likely to Fall for Phishing + Social Engineering Attacks

Robinson+Cole Data Privacy + Security Insider on

When assessing cybersecurity risk in your organization, it is important to understand your users and their behavior. A new study by Keepnet sheds light on new hire behavior concerning phishing susceptibility. According to its...more

Mitratech Holdings, Inc

The 2025 TPRM Study: Key Findings and Recommendations

Mitratech Holdings, Inc on

The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more

Paul Hastings LLP

NYDFS Urges Covered Entities to Review Security Practices Amidst World Turmoil

Paul Hastings LLP on

Citing “escalating global conflict,” the New York Department of Financial Services issued an alert on Monday, June 22, 2025, to its regulated covered entities, urging them to be vigilant against potential security threats,...more

StoneTurn

Assessing the Iranian Cyber Arsenal: Post “12 Day War” Threat to Your Company

StoneTurn on

As tensions flare in the Middle East, speculation is growing over the potential impacts of Iranian cyberattacks targeting US based companies and infrastructure. We saw similar reactions in 2020 following the death of the head...more

Cooley LLP

Understanding and Complying With the DOJ’s Bulk Data Rule  

Cooley LLP on

This post is one in a series where we discuss the US Department of Justice’s (DOJ’s) bulk sensitive data rule (rule), which prohibits individuals or entities from certain foreign countries, including China, from accessing...more

Bressler, Amery & Ross, P.C.

NY Department of Financial Services Issues Guidance to its Regulated Industry As a Result of the Ongoing Global Conflict

Bressler, Amery & Ross, P.C. on

The New York State Department of Financial Services (the “Department”) has issued guidance (“Guidance”) to all individuals and entities regulated by the Department (“Regulated Entities”) to underscore the importance of...more

Alston & Bird

NSA, CISA, FBI, and International Partners Issue Joint Guidance on AI Data Security

Alston & Bird on

Artificial intelligence (AI) systems are vulnerable to more than just threat actors. Our Privacy, Cyber & Data Strategy Group examines joint guidance issued by U.S. and international cybersecurity agencies that provides best...more

Robinson+Cole Data Privacy + Security Insider

CISO’s: Take a Look at CSC’s CISO Outlook 2025 Report

Robinson+Cole Data Privacy + Security Insider on

Cybersecurity firm CSC recently issued its CISO Outlook 2025 Report, which predicts cybersecurity challenges CISOs will face in the next year. The report, from a survey of 300 CISOs and cybersecurity professionals globally,...more

Nelson Mullins Riley & Scarborough LLP

Enforcement Date for DOJ’s Sensitive Data Rule Approaches: Are Your Cross-Border Transfers Compliant?

Nelson Mullins Riley & Scarborough LLP on

On April 8, 2025, the Department of Justice’s Final Rule, titled “Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons,” (the “Final...more

Sheppard Mullin Richter & Hampton LLP

North Dakota Passes New Data Security Law for “Financial Corporations”

Sheppard Mullin Richter & Hampton LLP on

North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more

Accelerynt, Inc.

The Headcount Trap: Why Large SOCs Often Lose Effectiveness

Accelerynt, Inc. on

Enterprises don’t have a staffing problem. They have a systems problem. In a recent engagement, we were engaged to help improve a global SOC operation. Despite having over 30 analysts on staff, the team was missing...more

Morrison & Foerster LLP

Trump Issues Executive Order on Cybersecurity Rolling Back Some Prior Policies and Introducing New Ones

Morrison & Foerster LLP on

Last week, the Trump administration made its priorities clear for the nation’s cybersecurity posture in the form of the newly issued executive order entitled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity...more

Davis Wright Tremaine LLP

NSA Issues Cybersecurity Guidance and Best Practices for AI Systems

Davis Wright Tremaine LLP on

The National Security Agency (NSA), in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and cybersecurity agencies from Australia, New Zealand, and the...more

HaystackID

Strategic Signals: May 2025 HSR Filings Reveal Steady M&A Amid Market Shifts

HaystackID on

Through May 2025, corporate deal activity in the United States demonstrates remarkable resilience despite mounting economic pressures. Hart-Scott-Rodino (HSR) premerger notification filings through the first eight months of...more

Jackson Lewis P.C.

Different Country, Same Challenges: Lessons from a Breach That Could Have Been Prevented

Jackson Lewis P.C. on

A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more

A&O Shearman

US, Australian, New Zealand and UK cybersecurity agencies publish guidance on best practices for securing data used to train and...

A&O Shearman on

On May 22 2025, the cybersecurity agencies from the US, UK, Australia, and New Zealand published a Cybersecurity Information Sheet (CIS) on ensuring that data used to train and use artificial intelligence (AI) and machine...more

Accelerynt, Inc.

Making Cloud Risk Data Actionable in Sentinel: A Playbook for CSPM Integration

Accelerynt, Inc. on

The Posture Visibility Problem - CrowdStrike Cloud Security Posture Management (CSPM) provides critical visibility into misconfigurations—such as publicly accessible storage, unencrypted assets, and overly permissive...more

Venable LLP

A Closer Look at the Data Security Requirements in DOJ's Bulk Data Rule

Venable LLP on

As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more

927 Results
 / 
View per page
Page: of 38
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide