Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
CFPB Issues Filing Instructions Guide for Small Business Lending Data - The CFPB has published instructions for banks and other covered financial institutions to submit small business lending data that is required to be...more
To keep you informed of recent activities, below are several of the most significant federal and state events that have influenced the Consumer Financial Services industry over the past week...more
Start Planning Now to Reduce Your Increased Money Laundering, Sanctions, and Conflicts of Interest Risks The introduction and use of generative artificial intelligence (GenAI) and predictive data analytics (PDAs) by...more
The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more
President Biden’s recent Executive Order on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence: Establishes a federal government-wide effort to mitigate risks of improper AI development and use. ...more
Editor’s Note: The FTC continues to crack down on privacy and cybersecurity, including issuing a new warning to tax preparation companies and entering into a consent decree with 1Health.io. VPPA and BIPA litigation continues...more
The New York State Department of Financial Services (NYDFS) recently published a revised proposed second amendment to its cybersecurity regulation, 23 NYCRR 500. ...more
Designed for busy in-house counsel and compliance professionals, this newsletter seeks to bring you up to speed on key federal and state False Claims Act (FCA) developments, with links to primary resources. Each quarter, we...more
Account security and digital identity have been hot topics for regulators and at the National Institute of Standards and Technology (NIST). The government has been promoting multifactor authentication (MFA) and innovation in...more
Like most industries today, Consumer Finance Services businesses are significantly impacted by the novel coronavirus (COVID-19). In response, Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients...more
As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more
On August 28, 2019, the Federal Financial Institutions Examination Council (FFIEC) issued a press release encouraging organizations to utilize a standardized approach to assess and improve cybersecurity preparedness. ...more
The International Organization of Securities Commissions has published the final report of its Cyber Task Force on cyber regulation. The report sets out how IOSCO member jurisdictions apply three recognized cyber frameworks -...more
A coalition of industry groups has unveiled a new cyber compliance profile framework specifically for financial institutions, aimed at streamlining regulatory burdens....more
CA IoT Cybersecurity Bill Heads To Governor’s Desk The bill (SB-327), if signed by Gov. Brown, will take effect on January 1, 2020. It is aimed at securing connected devices. The bill states that, “a manufacturer of a...more
NIST has published Special Publication (SP) 1800-5, “IT Asset Management” to help financial service companies monitor and manage IT assets. ...more
JONES DAY CYBERSECURITY, PRIVACY & DATA PROTECTION ATTORNEY SPOTLIGHT: Richard Martinez - Europe's new General Data Protection Regulation ("GDPR") is driving an evolution in corporate privacy practices globally. As...more
Financial institutions covered by the New York State Department of Financial Services’ (NYDFS) new Cybersecurity Requirements for Financial Services Companies must file their first annual certification by February 15, 2018....more
President Donald Trump has signed an executive order addressing cybersecurity. But for financial institutions, is the executive order much ado about nothing? Not exactly....more
In our series of posts leading up to the August 28th deadline for the first phase of requirements under New York’s cybersecurity regulation, the Patterson Belknap team looks at issues that institutions face as they implement...more
EDITOR’S NOTE - In like a lion, out like a lamb—it works for weather; does it work for new administrations? We’ll have to wait and see. We’ll have to wait and see about the length of CFPB Director Richard Cordray’s...more
Last year’s proposed comprehensive framework for cybersecurity rules for large financial institutions is suddenly facing an uncertain future. With the comment period having closed as of February 2017, the framework was facing...more
The New York Department of Financial Services (NYDFS)’s finalized Cybersecurity Requirements for Financial Services Companies (“regulations”), went into effect on March 1, 2017. NYDFS has provided a 6 month safe harbor to...more
In late December, New York State’s Department of Financial Services (“DFS”) released its revised proposed cybersecurity regulation (the “DFS Rule”). While the revisions pare back some of the DFS Rule’s original requirements...more
As we previously reported, in September 2016 the New York Department of Financial Services (the “DFS”) proposed a regulation that would require banks, insurance companies and other financial services institutions regulated by...more