News & Analysis as of

Cybersecurity Third-Party Service Provider Compliance

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Winstead PC

Top Data Privacy & Cybersecurity Considerations in 2025 for RIAs

Winstead PC on

Compliance and Regulations - Ensure adherence to SEC regulations with appropriate privacy and cybersecurity policies tailored to SEC requirements....more

Bracewell LLP

FINRA Facts and Trends: November 2024

Bracewell LLP on

Welcome to the latest issue of Bracewell’s FINRA Facts and Trends, a monthly newsletter devoted to condensing and digesting recent FINRA developments in the areas of enforcement, regulation and dispute resolution. This month,...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

Snell & Wilmer

2024 End-of-Year Plan Sponsor “To Do” List (Part 1) Health and Welfare

Snell & Wilmer on

We are pleased to present our annual End of Year Plan Sponsor “To Do” Lists. This year, we present our “To Do” Lists in four separate SW Benefits Updates. This Part 1 covers year-end health and welfare plan issues. Parts 2,...more

Goodwin

NYDFS Publishes Guidance on AI-Related Cybersecurity Risks

Goodwin on

On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more

Holland & Knight LLP

15 Key Takeaways from the Final CMMC Program Rule Issued by DOD

Holland & Knight LLP on

The U.S. Department of Defense (DOD) has long questioned whether contractors and their supply chains have been fully compliant with existing cybersecurity requirements aimed at protecting Controlled Unclassified Information...more

BCLP

The EU’s Digital Operational Resilience Act 2022/2554 (DORA)

BCLP on

Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more

Holland & Hart - The Benefits Dial

Both Sides Now… Must Be Alert to Cybersecurity

Holland & Hart - The Benefits Dial on

by Becky Achten New guidance from the Employee Benefits Security Administration (EBSA) affirms that both sides—retirement plans and welfare plans—must take steps to secure participant data from cybercrime. In 2021 the...more

BakerHostetler

FTC Continues Focus on Disclosure of Health Information to Third-Party Technologies

BakerHostetler on

A recently announced settlement with online alcohol addiction treatment service Monument Inc. demonstrates the Federal Trade Commission’s (FTC) continued focus on the use and disclosure of health data. The proposed settlement...more

Esquire Deposition Solutions, LLC

Actionable Advice When Sharing Client Data with Vendors

Esquire Deposition Solutions, LLC on

We’ve previously written on the need for law firms to scrutinize the data security protections in place at all third-party vendors who have access to client confidential information. Clearly, that’s still good advice....more

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

Mayer Brown on

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more

Mitratech Holdings, Inc

Compliance Down Under: Understanding Australian Regulation CPS 230

Mitratech Holdings, Inc on

The Australian Prudential Regulation Authority (APRA) released Prudential Standard CPS 230 in March 2017. At a glance, the regulation aims to strengthen the cybersecurity resilience and operational risk management of the...more

Parker Poe Adams & Bernstein LLP

The Increasing Importance of Cybersecurity Readiness in the Municipal Bond Market: How Public Institutions Can Respond

Parker Poe Adams & Bernstein LLP on

In today's evolving world of security and data privacy, K-12 schools, universities, local governments, and hospitals are increasingly finding themselves on the same list: vulnerable to the threat of a cyberattack....more

Barnea Jaffa Lande & Co.

Legal Guide for Implementing AI Tools in Organizations

Barnea Jaffa Lande & Co. on

Examining AI tools: Before deciding to purchase and implement AI tools in an organization, one must consider various aspects, including privacy issues, discrimination, copyright protection, and suppliers and contracts. The...more

Guidepost Solutions LLC

The SEC has new Cybersecurity Rules. Are you prepared and ready?

Guidepost Solutions LLC on

On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions.  Additionally,...more

Eversheds Sutherland (US) LLP

SEC adopts new rules to expand public company disclosure relating to cybersecurity by year end

Eversheds Sutherland (US) LLP on

On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more

Epiq

Deepfakes Bring Deep Risk

Epiq on

Most people know what a deepfake is but have not put much thought into how it could affect business operations. Deepfakes are videos, pictures, or audio that have been convincingly manipulated to misrepresent a person saying...more

Holland & Knight LLP

Changing of the Guard? SEC Proposes Significant Amendments to the Safeguards Rule

Holland & Knight LLP on

The SEC continued its recent onslaught of proposed cybersecurity rules in mid-March with three new proposals covering a litany of entities, including investment advisers, broker-dealers, investment companies, clearing...more

BCLP

Cyber laws will be updated to boost UK’s resilience against online attacks

BCLP on

The UK government confirmed on 30 November 2022 that there will be changes to the UK’s cybersecurity regulations in response to a public consultation launched earlier this year. This follows recent updates relating to the...more

Mitratech Holdings, Inc

What is a Vendor Risk Assessment?

Mitratech Holdings, Inc on

We recently dove into what vendor risk and vendor risk management entails. Once you understand that this is the risk that results from vendors, it’s simple to extend this and establish that vendor risk assessment (VRA), or...more

BCLP

Supervision of Vendors When Outsourcing - The Buck Stops with FINRA Member Firms

BCLP on

Key Takeaways: ..On August 13, 2021, FINRA issued Regulatory Notice 21-29 (“RN 21-29”) to remind member firms that they must establish and maintain an adequate supervisory system, including written supervisory procedures...more

Mitratech Holdings, Inc

What is Vendor Risk & Vendor Risk Management (VRM)?

Mitratech Holdings, Inc on

Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more

Lowenstein Sandler LLP

A Look Ahead: US FDA And Medical Device Regulations In 2021

Lowenstein Sandler LLP on

The pandemic year of 2020 presented FDA with many enormous challenges, including how to use emergency authorizations to approve diagnostic tests, personal protective equipment, and therapies, how to conduct remote...more

King & Spalding

Energy Newsletter - April 2020

King & Spalding on

Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more

Mintz - Privacy & Cybersecurity Viewpoints

New York Dept of Financial Services (NYDFS) Extends Cybersecurity Compliance Deadline

Mintz - Privacy & Cybersecurity Viewpoints on

The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more

35 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide