News & Analysis as of

Information Technology Cybersecurity Third-Party Service Provider

A&O Shearman

EC publishes draft delegated regulation on subcontracting RTS under DORA

A&O Shearman on

On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Supply Chain Attacks in the UK: Reducing Risk and Preparing for Upcoming Legal Changes

Effective information security is no longer just dependent on an organisation’s own internal cybersecurity controls. The UK Information Commissioner’s Office (ICO) highlights that third-party service providers are processing...more

BCLP

The EU’s Digital Operational Resilience Act 2022/2554 (DORA)

BCLP on

Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

Mayer Brown on

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more

Jones Day

NYDFS Expands Cybersecurity Regulations: Extortion Payment Reporting, Corporate Governance, and Technical Requirements

Jones Day on

A major amendment to the New York State Department of Financial Services' cybersecurity regulations establishes affirmative cybersecurity oversight duties and requires companies to report extortion payments to the agency....more

Pillsbury Winthrop Shaw Pittman LLP

Upcoming EU Rules on Digital Operational Resilience

There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more

Benesch

Protecting Your Business in a Digital World: Top 10 Questions for Internal Teams and Stakeholders

Benesch on

The questions below are intended to help in-house counsel obtain the most important information related to technology projects so they can evaluate risks to the company’s data, intellectual property, and commercial interests,...more

BCLP

Cyber laws will be updated to boost UK’s resilience against online attacks

BCLP on

The UK government confirmed on 30 November 2022 that there will be changes to the UK’s cybersecurity regulations in response to a public consultation launched earlier this year. This follows recent updates relating to the...more

Robinson+Cole Data Privacy + Security Insider

SolarWinds Hackers Focus on Downstream Vendors as Next Victims

In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more

Hogan Lovells

NYDFS recommends critical new practices to reduce supply chain risk in wake of SolarWinds attack

Hogan Lovells on

On April 27, 2021, the New York State Department of Financial Services (“DFS” or the “Department”) released a report regarding its investigation into the response by DFS covered entities to the SolarWinds supply chain attack....more

Jackson Lewis P.C.

Personal Data From Thousands Of Pension Plan Accounts Breached…Third-Party Service Provider Blamed

Jackson Lewis P.C. on

One of the last things pension plan participants would want to learn as they get ready to celebrate the Christmas holiday is that personal data from their pension accounts may have been compromised. This is the case,...more

King & Spalding

Energy Newsletter - April 2020

King & Spalding on

Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more

Mintz - Privacy & Cybersecurity Viewpoints

New York Dept of Financial Services (NYDFS) Extends Cybersecurity Compliance Deadline

The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more

BCLP

Getting The Deal Through - Cloud Computing 2020

BCLP on

What kinds of cloud computing transactions take place in your jurisdiction? As a G7 economy with mature IT and related services markets, the UK is one of the most important global markets for cloud computing. According to...more

Robinson+Cole Data Privacy + Security Insider

New York Department of Financial Services Cybersecurity Regulation 18-month Compliance Deadline Arrives

On September 4, 2018, the third stage of compliance deadlines under the New York Department of Financial Services’ (DFS) expansive cybersecurity regulation went into effect....more

Ballard Spahr LLP

South Carolina Enacts First Insurance Data Security Act

Ballard Spahr LLP on

South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed...more

Hogan Lovells

A Guide to NYDFS Cybersecurity Regulations’ August 28 Implementation Deadline

Hogan Lovells on

As a follow-up to our previous reports (December 30, 2016 Alert; February 24, 2017 Alert) regarding the cybersecurity regulations issued by the New York State Department of Financial Services (NYDFS), we would like to remind...more

Robinson+Cole Data Privacy + Security Insider

New York Financial Services Cybersecurity Regulations Go Into Effect on March 1st

We have previously reported about the upcoming New York Financial Services Cybersecurity Regulations. On February 16, 2017, Governor Andrew M. Cuomo announced that “the first-in the-nation cybersecurity regulation to protect...more

Hogan Lovells

The “Final Final” is Here: NYDFS Cybersecurity Regulations

Hogan Lovells on

As Hogan Lovells previously reported, the New York State Department of Financial Services (NYDFS) has launched a significant initiative to impose detailed cybersecurity requirements on covered financial institutions. On...more

Carlton Fields

NY DFS Cybersecurity Regulations Take Effect March 1, 2017

Carlton Fields on

We previously reported on the New York Department of Financial Services’ proposed cybersecurity regulations. During the public comment period, the DFS received over 150 comments. In response, the DFS announced on December 28,...more

Foley Hoag LLP - Security, Privacy and the...

CFTC Approves NFA Interpretive Notice on Information Systems Security Programs, Including Cybersecurity Guidance

The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more

Carlton Fields

NYDFS Report Foreshadows New Cyber Security Regulations

Carlton Fields on

The New York State Department of Financial Services (NYDFS) has released a report entitled "Update on Cyber Security in the Banking Sector: Third Party Service Providers." The report details the findings of an October, 2014...more

22 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide