News & Analysis as of

New Rules Cybersecurity

Goodwin

DOJ’s Data Export Rule Is In Force April 8: What You Need to Do

Goodwin on

On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more

A&O Shearman

DOJ/CISA finalize new rules regarding data transfers to countries of concern

A&O Shearman on

On December 27, 2024, the U.S. Department of Justice (DOJ) announced its final rule on the transfer of certain bulk sensitive personal data to China, Russia, and other countries. Following this, on January 3, 2025, the U.S....more

Skadden, Arps, Slate, Meagher & Flom LLP

CFPB Releases Final ‘Open Banking’ Rule on Personal Financial Data Rights

On October 22, 2024, the Consumer Financial Protection Bureau (CFPB) issued a final rule (Rule) on personal financial data rights under Section 1033 of the Dodd-Frank Act. The Rule imposes significant new obligations on...more

Schwabe, Williamson & Wyatt PC

DoD Contractors: It’s Go Time for CMMC

On December 16, the U.S. Department of Defense’s Cybersecurity Maturity Model Certification Program (CMMC) final rule (the “CMMC Program Rule”) will become effective, to codify the CMMC requirements and assessment processes....more

Snell & Wilmer

SEC Division of Examinations Priorities for 2025: Examinations Will Prioritize New Rules for Form PF and Regulation S-P, Fiduciary...

Snell & Wilmer on

On October 21, 2024, the Division of Examinations (the “Division”) of the U.S. Securities and Exchange Commission (the “SEC”) issued its annual examination priorities for fiscal year 2025. As with its 2024 examination...more

Harris Beach Murtha PLLC

New Rule Requires Defense Contractors to Meet Cybersecurity Standards

The Office of Information and Regulatory Affairs (OIRA) recently cleared the final rule for the U. S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program, putting the agency one step closer to...more

Spilman Thomas & Battle, PLLC

The Health Record - Healthcare Law Insights, Issue 5, September 2024

Welcome to our fourth issue of The Health Record - our healthcare law insights e-newsletter. In this edition, we take a look at the Biden administration's proposed insurance rule regarding mental health and substance use...more

Keating Muething & Klekamp PLL

Benefits Monthly Minute - September 2024

The September Monthly Minute highlights the DOL’s extension of existing cybersecurity guidance to health and welfare plans and also addresses the new HIPAA reproductive health privacy rule....more

Foley & Lardner LLP

Down But Not Out: Federal Court Curbs SEC Cybersecurity Enforcement Authority

Foley & Lardner LLP on

In a stinging rebuke of its attempted cybersecurity-related enforcement against a public company, a federal judge recently dismissed most of the charges that the U.S. Securities and Exchange Commission (SEC) had filed against...more

Latham & Watkins LLP

SEC Imposes New Cybersecurity Requirements on Broker-Dealers, Investment Companies, Registered Investment Advisers, and Transfer...

Latham & Watkins LLP on

Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. ...more

Woodruff Sawyer

[Webinar] D&O Insurance Trends: Looking Ahead to 2025 - September 17th, 10:00 am - 11:00 am PT

Woodruff Sawyer on

The streak of good news in D&O litigation risk ends this year, with a rise in class action filings and bigger settlements. But the D&O market is still soft, so staying on top of the evolving risk landscape will help you...more

Mayer Brown Free Writings + Perspectives

SEC Announces New Cybersecurity Interpretations

The SEC’s Division of Corporation Finance yesterday published five new Compliance and Disclosure Interpretations, or “C&DIs,” all concerning Item 1.05 of Exchange Act Form 8-K, Disclosure of Cybersecurity Incidents....more

Epiq

New SEC Cybersecurity Rules: What to Know and How to Remain Compliant

Epiq on

As addressing cybersecurity issues continues to become a top priority throughout the financial industry, the U.S. Securities and Exchange Commission (SEC) is following suit. The SEC unanimously voted to approve a new set of...more

Mintz - Privacy & Cybersecurity Viewpoints

SEC Issues New Statement on Cybersecurity Incident Disclosure

Last week, Erik Gerding, Director of the SEC’s Division of Corporation Finance (the Division), issued a statement providing clarification regarding the disclosure of cybersecurity incidents by reporting companies. This...more

Bradley Arant Boult Cummings LLP

Mandatory Cybersecurity Incident Reporting: The Dawn of a New Era for Businesses

A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more

Baker Donelson

[Webinar] New Privacy and Cybersecurity Regulations: What Financial Institutions Need to Know to Stay Compliant - June 13th, 10:00...

Baker Donelson on

The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more

Proskauer - The Capital Commitment

Cybersecurity Continues to be a Focal Point for Regulators in 2024

The SEC’s new and proposed rules on cybersecurity and cyber-incident reporting will have a dual impact on private investment advisers and funds. First, the proposal by the SEC will impose cybersecurity related...more

Benesch

Document Retention for Motor Carriers and Transportation Brokers

Benesch on

Transportation services providers are increasingly facing new technology-oriented threats in day-to-day business. Recent cyberattacks and the potential for serious disruption from threat actors have drawn the attention of the...more

Bass, Berry & Sims PLC

CISA Publishes Proposed Rule for Cyber Reporting

Bass, Berry & Sims PLC on

On April 4, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published its much-anticipated Notice of Proposed Rule Making for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA)....more

Pillsbury Winthrop Shaw Pittman LLP

New CISA Rule Would Require Widespread Cyber Incident Reporting, Updated Timelines and Penalties for Critical Infrastructure...

Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more

Jenner & Block

Client Alert: CISA Announces Proposed Cyber Incident Reporting Rule

Jenner & Block on

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA), an operational component of the Department of Homeland Security (DHS), posted for public inspection its long-anticipated notice of proposed...more

Woods Rogers

Proposed Federal Cyber Incident Reporting Rule Adds Hefty Federal Reporting Requirements to Critical Infrastructure Sector and...

Woods Rogers on

The federal Cybersecurity and Infrastructure Security Agency (CISA) released a draft of its proposed rule detailing how covered entities operating in critical infrastructure sectors report cyberattacks and ransomware payments...more

Proskauer - The Capital Commitment

Examining the SEC’s Slew of Recent Rules and Amendments

In a wave of SEC rulemaking this past year, representing a “new world order” event akin to Dodd-Frank, the SEC has provided itself with a fresh set of tools to increase regulatory and enforcement scrutiny on private funds....more

Goodwin

DoD Significantly Expands Voluntary Cybersecurity Program for Defense Contractors

Goodwin on

The U.S. Department of Defense (DoD) published a finalized rule on March 12, 2024, which expands access to defense contractors who wish to participate in the Defense Industrial Base (DIB) Cybersecurity (CS) Program....more

Dechert LLP

Exploring DORA’s ICT Risk Requirements: Key Issues for Asset Managers

Dechert LLP on

DORA became law in December 2022 but provides for a grace period until 17 January 2025 for organisations to put in place the necessary measures to comply. The new rules will require engagement from both an operational and...more

117 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide