Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
CFPB Issues Filing Instructions Guide for Small Business Lending Data - The CFPB has published instructions for banks and other covered financial institutions to submit small business lending data that is required to be...more
On June 26, the OCC issued Bulletin 2023-22 announcing recent updates to the agency’s approach to cybersecurity assessment procedures. The Cybersecurity Supervision Work Program (CSW) provides high-level examination...more
Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients...more
On August 28, 2019, the Federal Financial Institutions Examination Council (FFIEC) issued a press release encouraging organizations to utilize a standardized approach to assess and improve cybersecurity preparedness. ...more
Agencies Issue Joint Statement on BSA/AML Resource Sharing Arrangements - The federal banking agencies, along with the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) and the NCUA, have...more
NIST has published Special Publication (SP) 1800-5, “IT Asset Management” to help financial service companies monitor and manage IT assets. ...more
Federal Banking Agencies Issue New Guidance for Banks Affected by a Major Disaster - The federal banking agencies have jointly issued new guidance on the supervisory practices to be followed in assessing the financial...more
President Donald Trump has signed an executive order addressing cybersecurity. But for financial institutions, is the executive order much ado about nothing? Not exactly....more
In our series of posts leading up to the August 28th deadline for the first phase of requirements under New York’s cybersecurity regulation, the Patterson Belknap team looks at issues that institutions face as they implement...more
EDITOR’S NOTE - In like a lion, out like a lamb—it works for weather; does it work for new administrations? We’ll have to wait and see. We’ll have to wait and see about the length of CFPB Director Richard Cordray’s...more
On September 13, 2016, Governor Andrew Cuomo announced the first proposed broadly applicable cyber regulation in the U.S. (the “Regulation”). The Regulation covers banks, insurance companies and other financial institutions...more
The Federal Financial Institutions Examination Council (FFIEC)—the interagency body tasked with setting uniform principals and standards for the examination of financial institutions by federal prudential regulators,...more
Cybersecurity has been a focus as part of bank exams for years. Now the Federal Deposit Insurance Corp. (FDIC) is increasing its scrutiny of banks’ cybersecurity practices to ensure that the issue is getting appropriate...more
All organizations, including financial institutions, continue to face significant security threats across their wide ranging IT systems. Such organizations are particularly vulnerable if they cannot track networked devices...more
The National Cybersecurity Center of Excellence is seeking comments on a draft practice guide, entitled “IT Asset Management (Special Publication 1800-5a)” which is “designed to help the financial services industry monitor...more
As financial institutions of all sizes continue to face unprecedented cybersecurity risk, the Federal Financial Institutions Examination Council (FFIEC) released its Cybersecurity Assessment Tool. The Assessment is...more
Part of Bradley Arant’s Privacy and Information Security Team’s seven-part Data Breach Toolkit Webinar Series, the “Data Breach Response Planning: Laying the Right Foundation” webinar, led by Paige Boshell and Amy Leopard,...more
The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more
Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more
On April 9, the New York State Department of Financial Services (NYDFS) released a report on bank vendor cybersecurity that highlights the risk that hackers will use third-party service providers to gain access to bank data....more
Prudential bank regulators and other supervisory authorities have put cybersecurity front and center in 2015 by issuing guidance that sets forth their expectations of improved cybersecurity and that incorporates cybersecurity...more