Dan Ongaro

Dan Ongaro

Hogan Lovells

Contact
View Bio
RSS

Latest Posts › Cybersecurity

Share:

NYDFS: Penultimate set of cybersecurity requirements under amended Part 500 take effect May 1, 2025

On May 1, 2025, additional cybersecurity requirements introduced by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) took...more

5/12/2025  /  Cybersecurity , Data Security , Financial Institutions , Financial Services Industry , New Regulations , New York , NYDFS , Regulatory Requirements , Risk Management

Slew of OCR activity underscores agency’s focus on security and AI

Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more

1/17/2025  /  Artificial Intelligence , Audits , Compliance , Cyber Attacks , Cybersecurity , Data Privacy , Data Security , Enforcement Actions , Health Insurance Portability and Accountability Act (HIPAA) , OCR , Ransomware , Risk Management

Preparing for the CCPA draft regulations on cybersecurity audits

The California Privacy Protection Agency recently released updated draft regulations regarding cybersecurity audits under the California Consumer Privacy Act. On November 8, 2023, the California Privacy Protection Agency...more

3/26/2024  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Privacy , Data Protection , Data Security , Personal Information , Popular , State Privacy Laws

NIST refines Cybersecurity Security Framework, with increased focus on governance and supply chain

NIST has updated its widely used Cybersecurity Framework to provide key updates and practical resources for organizations to manage and discuss cybersecurity risk. The updated framework, which remains voluntary, is designed...more

3/14/2024  /  Cybersecurity , Cybersecurity Framework , NIST , Popular , Risk Management , Supply Chain

FTC amends Safeguards Rule to require non-banking financial institutions to report data breaches

Against the backdrop of the National Cybersecurity Strategy’s stated goal of harmonizing federal cyber incident reporting requirements, new requirements still continue to emerge. Among the latest is a Federal Trade Commission...more

12/7/2023  /  Banking Sector , Cybersecurity , Data Breach , Federal Trade Commission (FTC) , Financial Institutions , Mock Trials , Trial Preparation

NIST seeks feedback on draft Cybersecurity Framework 2.0 - The release of this draft is a critical opportunity for organizations...

The National Institute of Standards and Technology (NIST) seeks feedback on a draft version of its influential cybersecurity guidance, the Cybersecurity Framework (CSF) 2.0. Updates include an expansion of the CSF’s scope,...more

8/16/2023  /  Critical Infrastructure Sectors , Cybersecurity , Cybersecurity Framework , NIST

Aerospace and Defense Insights I Critical input needed: U.S. critical infrastructure asked to engage on proposed cyber reporting...

Through Aerospace & Defense Insights, we share with you the top legal and political issues affecting the aerospace and defense (A&D) industry. Our A&D industry team monitors the latest developments to help our clients stay in...more

10/27/2022  /  Critical Infrastructure Sectors , Cyber Attacks , Cybersecurity , Data Protection , Data Security , Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) , National Security

NHTSA issues updated cybersecurity best practices for the safety of modern vehicles

The National Highway Traffic Safety Administration (“NHTSA”) recently issued updated guidance on cybersecurity best practices for motor vehicle safety. This non-binding guidance demonstrates NHTSA’s continued emphasis on...more

9/19/2022  /  Automotive Industry , Cybersecurity , Data Privacy , Manufacturers , New Guidance , NHTSA , Popular , Privacy Concerns , Safety Standards

Critical input needed: US critical infrastructure asked to engage on proposed cyber reporting rules

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Request for Information (RFI) and announced “public listening sessions” soliciting input in advance of formal rulemaking under the Cyber Incident...more

9/13/2022  /  Critical Infrastructure Sectors , Cyber Attacks , Cyber Incident Reporting , Cyber Threats , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Ransomware , Rulemaking Process
9 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide