News & Analysis as of

Cybersecurity Risk Management Regulatory Requirements

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Alston & Bird

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect

Alston & Bird on

On May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take...more

Hogan Lovells

PRODUCT | Cybersecurity and Product Liability in Technology – Cross perspectives

Hogan Lovells on

As our world has grown more connected and digitalized, and as smart, data-driven devices — including those that form the Internet of Things (IoT) — have become more prevalent, regulators have begun to reframe how they address...more

A&O Shearman

Operational resilience in banking: from regulatory compliance to strategic priority

A&O Shearman on

As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more

Husch Blackwell LLP

Effective Dates Draw Near for Insurance Industry to Comply with NYDFS's Cybersecurity Rules

Husch Blackwell LLP on

As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more

A&O Shearman

FSB publishes finalised format for FIRE framework

A&O Shearman on

The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more

Jackson Lewis P.C.

Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals

Jackson Lewis P.C. on

In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more

Cozen O'Connor

Cybersecurity Best Practices for AI-Powered Robotics Under State and Federal Privacy Laws

Cozen O'Connor on

As robotics technology rapidly advances in connection with the use of artificial intelligence (AI), the collection, processing, and storage of personal information—including biometric data—will become increasingly common....more

Orrick, Herrington & Sutcliffe LLP

OCC provides an update on its security breach given institutional risk

Orrick, Herrington & Sutcliffe LLP on

On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more

Davis Wright Tremaine LLP

FedRAMP 20x Initiative Promises Major Changes for Federal Cloud Service Providers

Davis Wright Tremaine LLP on

Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more

Alston & Bird

Cybersecurity Controls: What Do Regulators Expect Nowadays?

Alston & Bird on

Our Privacy, Cyber & Data Strategy Team highlights the increasingly specific cybersecurity controls identified by regulators, explains why these enhanced cybersecurity controls have become the focus of regulators, and shares...more

A&O Shearman

UK Financial Stability in Focus report: AI in the financial system

A&O Shearman on

The Financial Policy Committee (FPC) of the Bank of England (BoE) has published the Financial Stability in Focus report on AI in the UK financial system. The FPC considers the potential benefits of AI with its growing...more

A&O Shearman

EC publishes draft delegated regulation on subcontracting RTS under DORA

A&O Shearman on

On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more

Hinshaw & Culbertson - Privacy, Cyber & AI...

Are Your Cybersecurity Controls Ready for the New York State Department of Financial Services' Deadlines?

Hinshaw & Culbertson - Privacy, Cyber & AI... on

In November 2023, New York State's Department of Financial Services (NYDFS) amended its cybersecurity regulation, Part 500. This legal alert provides an update for Covered Entities and Class A Businesses on the current NYDFS...more

Sheppard Mullin Richter & Hampton LLP

Insurance Cybersecurity Certifications: An (Updated) State Roundup

Sheppard Mullin Richter & Hampton LLP on

Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more

American Conference Institute (ACI)

[Event] 9th Annual Legal, Regulatory and Compliance Forum on FinTech & Emerging Payment Systems - May 12th - 14th, New York, NY

American Conference Institute (ACI) on

Meet key stakeholders in Banking, FinTech, and broader payment systems next month at ACI’s 9th Annual Legal, Regulatory and Compliance Forum on FinTech & Emerging Payment Systems. Gain valuable insights from these industry...more

Alston & Bird

UK Government Publishes Cyber Governance Code of Practice for Boards and Directors

Alston & Bird on

On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more

Mayer Brown

US NAIC Spring 2025 National Meeting Highlights: Innovation, Cybersecurity, and Technology (H) Committee

Mayer Brown on

On March 26, 2025, the Innovation, Cybersecurity, and Technology (H) Committee (“H Committee”) met at the Spring 2025 US National Meeting of the National Association of Insurance Commissioners (“NAIC”). The meeting covered...more

Quarles & Brady LLP

New York Cybersecurity Regulation Requires Submission of Compliance Certification or Acknowledgement of Noncompliance Next Week

Quarles & Brady LLP on

On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more

Morgan Lewis

Key Messaging from ‘Aging Technology, Emerging Threats: Examining Cybersecurity Vulnerabilities in Legacy Medical Devices’

Morgan Lewis on

On April 1, 2025, the subcommittee on Oversight and Investigations of the House Committee on Energy and Commerce held a hearing on cybersecurity vulnerabilities in legacy medical devices. The hearing was largely a...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Baker Botts L.L.P.

SEC Commissioner Hester Peirce Raises Concerns Over Cyber Disclosure Rules

Baker Botts L.L.P. on

As public companies work to align with the SEC’s new cybersecurity disclosure requirements, Commissioner Hester Peirce is urging a reassessment of how these rules are applied—particularly during active cyber incidents. In a...more

Holland & Knight LLP

GSA Announces Overhaul of FedRAMP with Emphasis on Industry Input and Automation

Holland & Knight LLP on

The U.S. General Services Administration (GSA) recently announced plans to develop the Federal Risk and Authorization Management Program (FedRAMP) 20x – a new approach to the government-wide program for the security...more

Sheppard Mullin Richter & Hampton LLP

FDIC Updates Crypto Guidance, Removes Pre-Approval Requirement for Banks

Sheppard Mullin Richter & Hampton LLP on

On March 28, the FDIC issued updated guidance clarifying the process for FDIC-supervised institutions to engage in crypto-related activities. The guidance rescinds and replaces prior instructions issued in 2022 and makes...more

Morgan Lewis

Data Center Operations: Aligning Supply Chain, Compliance, and Customer Expectations

Morgan Lewis on

The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more

Skadden, Arps, Slate, Meagher & Flom LLP

Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs

Skadden, Arps, Slate, Meagher & Flom LLP on

As companies shift their thinking from “if” a cyberattack will happen to “when” an attack hits, the key differentiator in how a company emerges from an attack is often dictated by preparation and strategic planning in order...more

240 Results
 / 
View per page
Page: of 10
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide