News & Analysis as of

Cybersecurity Risk Management Cyber Incident Reporting

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Keating Muething & Klekamp PLL

Pay vs. Performance and Cybersecurity Disclosure Rules: Will the SEC Retract Rulemaking?

Keating Muething & Klekamp PLL on

On March 31, 2025, members of the U.S. House of Representatives Committee on Financial Services sent a letter to Mark Uyeda, Acting Chairman of the U.S. Securities and Exchange Commission. Seeking to “undo the damage from...more

WilmerHale

Preparing for Cybersecurity Disclosure as a Public Company

WilmerHale on

The SEC, investment banks and other stakeholders are increasingly focused on cybersecurity in IPO companies given the potential financial, legal and reputational risks....more

J.S. Held

2025 J.S. Held Global Risk Report: Managing Cyber Risk

J.S. Held on

Cyber incidents such as the 2024 event involving Change Healthcare, which compromised the personal information of over 100 million people, highlight the evolving nature of cyber threats – increasingly becoming risk management...more

Hogan Lovells

Fortifying the Future: Hong Kong’s new cybersecurity laws to protect critical infrastructure

Hogan Lovells on

On 19 March 2025, the Legislative Council (the “LegCo”) passed the Protection of Critical Infrastructure (Computer System) Bill (the “Bill”), which is due to come into effect on 1 January 2026. This is a significant step in...more

Davis Wright Tremaine LLP

Regulatory Reset? U.S. Cyber Incident Reporting Rules Face Congressional Scrutiny

Davis Wright Tremaine LLP on

Lawmakers expressed bipartisan support for significantly amending or eliminating some cybersecurity incident notification requirements during a recent hearing of the U.S. House Committee on Homeland Security's Subcommittee on...more

Troutman Pepper Locke

When to Notify Your Cyber Carrier of a Security Incident - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

Troutman Pepper Locke on

Our company experienced a cybersecurity incident. It seemed pretty minor — just a few suspicious emails and an employee’s account being locked. To my dismay, we’re now hearing from our IT team that the issue is more serious....more

StoneTurn

2025 Incident Response Landscape: Practical Tips for Cybersecurity Readiness

StoneTurn on

Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more

Schwabe, Williamson & Wyatt PC

Coast Guard Tightens Up Cybersecurity Regulations

Schwabe, Williamson & Wyatt PC on

The maritime industry has become a prime target for hackers. In the last few years, it has seen a steep increase in the number of shipping-related cyberattacks. The recent surge marks a new and pressing challenge for ports...more

Polsinelli

Recent Developments Relating to the SEC’s Cybersecurity Disclosure Requirements

Polsinelli on

The U.S. Securities and Exchange Commission (SEC) is becoming one of the federal agencies at the forefront of driving transparency, cybersecurity awareness and cyber incident reporting. As we reported in last year’s...more

Mitratech Holdings, Inc

IT Incident Management Simplified: 5 Strategies for Effective Recovery

Mitratech Holdings, Inc on

Feel confident tackling any threat with a unified incident management approach that integrates roles, communication, and recovery tasks. Small and medium-sized organizations without a disaster recovery plan are 40% more...more

Wilson Sonsini Goodrich & Rosati

Snapshot: The First Year of Cybersecurity Incident Filings on Form 8-K Since Adoption of New Rules

Wilson Sonsini Goodrich & Rosati on

In July 2023, the U.S. Securities and Exchange Commission (SEC) adopted final rules requiring public companies to report material cybersecurity incidents under new Item 1.05 of Form 8-K beginning on December 18, 2023. Our...more

Blank Rome LLP

Cybersecurity in the Marine Transportation System: What You Need to Know About the Coast Guard's Final Rule

Blank Rome LLP on

The U.S. Coast Guard (“USCG”) published a final rule on January 17, 2025, addressing Cybersecurity in the Marine Transportation System (the “Final Rule”), which seeks to minimize cybersecurity related transportation security...more

Vinson & Elkins LLP

Deadline to Comment on TSA Proposed Rule on Enhancing Cyber Risk Management for Surface Transportation Sectors

Vinson & Elkins LLP on

On November 7, 2024, the Transportation Security Administration (the “TSA”) published a Notice of Proposed Rulemaking (the “Proposed Rule”) that would mandate cyber risk management (“CRM”) and reporting requirements for...more

BCLP

Cybersecurity Risks for Financial Services Firms: Proactive Strategies to Stay Ahead

BCLP on

The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more

Vinson & Elkins LLP

Watch What You Say: SEC Enforcement Scrutinizes Cybersecurity Incident Disclosures

Vinson & Elkins LLP on

On January 13, 2025, the Securities and Exchange Commission (“SEC”) filed a settled enforcement action against Ashford Inc. (“Ashford” or “the Company”), a company that provides products and services to the real estate and...more

Wiley Rein LLP

FAR Council Unveils Long-Anticipated Rule for Controlled Unclassified Information

Wiley Rein LLP on

WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more

Ankura

The Rise of AI-Powered Cyber Attacks: How Indian Businesses Can Prepare

Ankura on

As the digital landscape evolves, so do the threats that accompany it. The rise of artificial intelligence (AI) has fundamentally transformed the nature of cybercrime, enabling attackers to execute more sophisticated and...more

Woods Rogers

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

Ankura

NIS2: What It Means for Businesses in APAC

Ankura on

NIS2 (Network and Information Systems Directive 2) is the updated version of the NIS Directive, which the EU first introduced in 2016. The original NIS Directive aimed to enhance cybersecurity across member states by...more

McCarter & English Blog: Government Contracts...

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

American Conference Institute (ACI)

[Event] 2nd National Conference on Cybersecurity Law & Compliance - January 29th - 30th, Arlington, VA

American Conference Institute (ACI) on

Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more

BakerHostetler

2024 SEC Cybersecurity Rule Updates

BakerHostetler on

The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more

A&O Shearman

FORMS 10-K AND 20-F - Preparing for your Annual report

A&O Shearman on

This guide discusses important themes and trends for the coming annual reporting season. It also includes a “housekeeping checklist” designed to assist you as you prepare your annual report. ANNUAL CYBERSECURITY...more

King & Spalding

EU DORA: Are you in scope, and if so, how can you prepare?

King & Spalding on

The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more

229 Results
 / 
View per page
Page: of 10
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide