Financial institutions and securities market participants continue to face escalating cyber threats – in frequency, volume, and severity. The many reasons for the escalating risk include: Financial services companies are...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
11/4/2024
/ Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Security ,
Disclosure Requirements ,
Government Agencies ,
Incident Response Plans ,
National Security ,
Regulatory Agenda ,
Regulatory Oversight ,
Reporting Requirements ,
Risk Assessment ,
Risk Management ,
Securities and Exchange Commission (SEC)
BACKGROUND -
On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
10/28/2024
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Framework ,
Financial Services Industry ,
NYDFS ,
Regulatory Oversight ,
Risk Assessment ,
Risk Management ,
Third-Party Service Provider
The Cyber and Analytics Unit within the Member Supervision program of the Financial Industry Regulatory Authority, Inc. (“FINRA”) recently published a cybersecurity advisory regarding increasing cybersecurity risks at...more
Mayer Brown Partners Ana Bruder, Justin Herring, and Oliver Yaros focus on cybersecurity risks and regulations in the EU and UK. They explore third-party risks, ransomware incidents, and the impact of AI, while examining how...more
As applications and use cases for digital assets and their blockchain infrastructure grow and become more sophisticated, investments and valuations for businesses in these areas have grown as well. The growing number of...more
5/23/2024
/ Blockchain ,
Corporate Sales Transactions ,
Cryptocurrency ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Security ,
Digital Assets ,
Information Technology ,
Intellectual Property Protection ,
Investment ,
Risk Management
On May 15, 2024, the U.S. Securities and Exchange Commission (“SEC”) adopted amendments (the “Amendments”) to Regulation S-P under the Securities Exchange Act of 1934 (the “Exchange Act”), which governs the treatment of...more
Join us on the latest episode of Financial Services Focus as Justin Herring, Jeff Taft and Ana Bruder discuss key cyber threats facing the financial services industry, including third-party risks, sophisticated ransomware,...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
4/1/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Preservation ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
NPRM ,
Proposed Rules ,
Ransomware ,
Regulatory Agenda
On January 29, 2024, the US Department of Commerce’s Bureau of Industry and Security (the “Department”) issued a notice of proposed rulemaking seeking comment on a proposed regulation in response to the Executive Order (E.O.)...more
2/15/2024
/ Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
Cloud Computing ,
Comment Period ,
Customer Identification Program (CIP) ,
Cybersecurity ,
Executive Orders ,
Financial Institutions ,
IaaS ,
Machine Learning ,
National Security ,
NPRM ,
Proposed Regulation ,
U.S. Commerce Department
On December 12, 2023, the Department of Justice (DOJ) issued guidelines for companies to follow in requesting that the Attorney General authorize delays of cyber incident disclosures required by the U.S. Securities and...more
12/13/2023
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
FBI ,
Form 8-K ,
New Guidance ,
Publicly-Traded Companies ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
Engaging third-party providers for technology transactions involves a certain level of cybersecurity risk. In fact, most companies have been through a third-party incident. In this episode, partners Justin Herring and Adam...more