The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
In May, Santander Bank faced a significant cybersecurity breach that affected millions of its customers and employees worldwide. The hacking group ShinyHunters claimed responsibility for the attack, which also targeted...more
In this month's article, we share some of our top "bites" covered during the April 2024 webinar....more
In April 2024, the UK government reiterated its vision for open finance, with UK Economic Secretary Bim Afolami (MP) announcing the creation of the Open Finance Taskforce at the 2024 Innovate Finance Global Summit. The...more
Coyote, a new Brazilian malware, is currently hunting down credentials for sixty-one (61) different banking applications. Researchers expect the malware to spread internationally. Russian cybersecurity firm Kaspersky has...more
This is the last post in our series on the UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) proposals to introduce a new regulatory framework on diversity and inclusion (D&I) in the financial...more
On November 1, the New York Department of Financial Services (NYDFS) amended its cybersecurity regulations to set additional notification, administrative, training and technical requirements. The Amended Cybersecurity...more
The latest UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) proposals for improving diversity and inclusion in financial services include requiring firms to report on six new inclusion metrics....more
On November 1, 2023, the New York State Department of Financial Services (“NYDFS”) issued its Second Amendment (the “Amendment”) to its Cybersecurity Requirements for Financial Services Companies adopted in 2017, codified in...more
Post six in our blog series on the UK Financial Conduct Authority and Prudential Regulation Authority proposals to improve diversity and inclusion (D&I) in UK financial services considers the D&I data firms would be required...more
The latest post in our blog series looking at the UK Financial Conduct Authority and Prudential Regulation Authority proposals to improve diversity and inclusion (D&I) in the financial services industry focusses on data...more
The UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) are consulting on proposals to introduce a new financial services regulatory framework on diversity and inclusion (D&I) in the financial...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
In 2017, the New York Department of Financial Services (“NYDFS”) enacted a landmark regulation requiring financial services institutions such as banks and insurance companies in the state to meet substantial cybersecurity...more
Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited proposed rule regulating “Personal Financial Data Rights” (the proposed rule). The proposed rule implements Section 1033 of the...more
On Oct. 19, 2023, the Consumer Financial Protection Bureau (CFPB) released a Notice of Proposed Rulemaking (NPRM) on Personal Financial Data Rights, which would change the way financial institutions hold and distribute...more
The UK financial services regulators are setting out to move the dial when it comes to diversity and inclusion (D&I) in the financial services sector. D&I strategies, targets and disclosures are all included in their new...more
In a previous alert, Too Important To Fail? Further Light on When EU and Non-EU Technology Providers Will Become Subject To DORA, we discussed the EU Digital Operational Resilience Act (DORA). We have also set up a microsite...more
On June 22, the Court of Justice of the European Union (CJEU) issued a judgment concluding that banks are not exempt from providing information upon request about when and why an individual’s data was accessed. However, banks...more
On April 20, the Kansas governor signed SB 44 to enact the Kansas financial institutions information security act. The Act establishes information security standards for covered entities, and applies to credit service...more
Cybersecurity Alert: Silicon Valley Bank and Signature Bank Fallout - Undoubtedly, cyber criminals are out in full force with phishing links and other scams trying to capitalize on the disruption and panic that many...more
As organizations in the financial sector continue to migrate IT and business services to the cloud and adopt other cloud offerings, it is important that financial institutions understand the risks associated with each. A U.S....more
The financial services sector must already contend with a maze of regulations in a variety of areas, and 2023 is poised to usher in new cybersecurity regulations for the industry. Organizations should ensure their security...more
The New York Department of Financial Services (NYDFS) has published a proposal to amend its cybersecurity rules, which will require regulated companies to notify the NYDFS of a third-party cybersecurity incident within 72...more