A recent cyberattack on a Michigan township has exposed weaknesses in the bond-closing process. In this incident, hackers stole over $25 million in bond proceeds by using spoofed email addresses to provide fraudulent wire...more
2/3/2025
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Security ,
Financial Institutions ,
Financial Services Industry ,
Fraud ,
Risk Assessment ,
Risk Management ,
Wire Transfers
On November 1, the New York Department of Financial Services (NYDFS) amended its cybersecurity regulations to set additional notification, administrative, training and technical requirements. The Amended Cybersecurity...more
August 28, 2017 marks the end of the initial 180-day grace period for compliance under the New York Department of Financial Services’ “first-in-the-nation” cybersecurity regulations (the “Rules”). The initial regulations...more
8/31/2017
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Covered Entities ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Risk Management
Last week, FinCEN (Financial Crimes Enforcement Network) issued a formal Advisory to Financial Institutions and published FAQs outlining specific cybersecurity events that should be reported through Suspicious Activity...more
11/4/2016
/ Anti-Money Laundering ,
Bank Secrecy Act ,
Banking Sector ,
BSA/AML ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Act of 2015 ,
Cybersecurity Framework ,
Data Breach ,
Data Security ,
Distributed Denial of Service ,
FFIEC ,
Financial Institutions ,
FinCEN ,
Information Sharing ,
Malware ,
Patriot Act ,
Ransomware ,
Reporting Requirements ,
Suspicious Activity Reports (SARs)
The coverage landscape for “Business E-mail Compromise” (BEC) scams remains somewhat tenuous, as organizations and carriers continue to battle in court over the extent of coverage. Although recent positive,...more
11/3/2016
/ Appeals ,
Bank Accounts ,
Corporate Counsel ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Data Breach ,
Email ,
Financial Institutions ,
Hackers ,
Insurance Industry ,
Online Banking ,
Phishing Scams ,
Policy Terms
Even today, most companies—even technology companies—do not think they have information that the U.S. Government wants or needs, particularly as it might relate to a national security investigation. The reality is that as...more
10/14/2016
/ Credit Reporting Agencies ,
ECPA ,
Electronic Communications ,
FBI ,
Financial Institutions ,
Information Requests ,
Internet Service Providers (ISPs) ,
National Security ,
National Security Letters (NSLs) ,
Patriot Act ,
Telecommunications ,
Terrorist Threats
Aravind Swaminathan, global co-chair of Orrick’s Cybersecurity & Data Privacy team, recently spoke with Global Investigations Review regarding new plans proposed by New York’s Department of Financial Services that will...more
9/26/2016
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Financial Institutions ,
Hackers ,
Incident Response Plans ,
Negligence ,
Risk Management
Just as it promised a year ago, New York State proposed new proscriptive, minimum cybersecurity requirements for regulated financial services institutions. The regulations go final after a 45-day notice and public comment...more
As new legislation aimed at facilitating greater cybersecurity information sharing between private industry and government takes effect (i.e., Cybersecurity Information Sharing Act), FinCEN Director Jennifer Shasky Calvery...more
Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more
8/26/2015
/ ATMs ,
Banking Sector ,
Banks ,
Caremark claim ,
Cloud Computing ,
Compliance ,
Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Debit Cards ,
FFIEC ,
Financial Institutions ,
Hackers ,
Internet Service Providers (ISPs) ,
Mobile Payments ,
NCUA ,
NIST ,
OCC ,
Regulatory Standards ,
Risk Management