NIST has updated its widely used Cybersecurity Framework to provide key updates and practical resources for organizations to manage and discuss cybersecurity risk. The updated framework, which remains voluntary, is designed...more
On 28 March 2023, the Hogan Lovells New York Retail Team hosted a coffee chat webinar discussing the latest news and developments of 2023 in retail. The event featured Meryl Bernstein (Intellectual Property, Media, and...more
On November 9, 2022, the New York Department of Financial Services (NYDFS) published proposed amendments to significantly expand Cybersecurity Requirements for Financial Services Companies under 23 NYCRR 500 (the “NYDFS...more
Given the deteriorating security situation in Eastern Europe and the potential for widespread cyber disruptions should hostilities break out, we urge clients to re-examine their cybersecurity posture. The U.S. Cybersecurity...more
As cyber adversary capabilities, opportunities and sophistication continue to grow, cyber incidents pose a very real, costly and potentially devastating threat to organizations around the world. With today's cyber ecosystem,...more
9/9/2021
/ Crisis Management ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Popular ,
Ransomware ,
Risk Management ,
Webinars
The U.S. Department of Homeland Security (DHS) announced the issuance of a second security directive (Directive) that requires owners and operators of certain critical pipelines carrying hazardous liquids and natural gas to...more
The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more
6/4/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Department of Homeland Security (DHS) ,
Hackers ,
Information Technology ,
National Security ,
Oil & Gas ,
Pipelines ,
Popular ,
Ransomware ,
Supply Chain ,
Threat Management
Ransomware victims face a nearly impossible decision: pay criminals holding their business hostage or refuse and face possible crippling consequences. This decision requires careful analysis of a number of considerations, and...more
2/25/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Incident Response Plans ,
Information Technology ,
New Guidance ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Ransomware
On January 12, 2021, the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (Board), and the Federal Deposit Insurance Corporation (FDIC) published a Notice of Proposed...more
1/13/2021
/ Cybersecurity ,
Data Breach ,
Data Protection ,
FDIC ,
Federal Breach Notification Standard ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
FRB ,
NPRM ,
OCC ,
Popular ,
Regulatory Requirements
In response to the significant rise in ransomware attacks since the start of the COVID-19 pandemic and just in time for Cybersecurity Awareness Month, the Department of the Treasury’s Financial Crimes Enforcement Network...more
10/6/2020
/ AML/CFT ,
BSA/AML ,
Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Economic Sanctions ,
Financial Institutions ,
Financial Transactions ,
FinCEN ,
Money Services Business ,
National Security ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Privacy Concerns ,
Ransomware ,
Suspicious Activity Reports (SARs)
Last week, the U.S. District Court for the Eastern District of Virginia ordered Capital One to produce a forensic investigation report in multidistrict litigation arising out of the cyber incident Capital One announced in...more
On March 11, the Word Health Organization officially characterized the coronavirus (COVID-19) outbreak as a pandemic. During the outbreak, many employers around the world are seeking to prioritize the well-being and safety of...more
3/16/2020
/ Business Continuity Plans ,
Business Interruption ,
China ,
Coronavirus/COVID-19 ,
Crisis Management ,
Cybersecurity ,
Data Protection ,
Emergency Management Plans ,
Infectious Diseases ,
Information Security ,
Malware ,
Policies and Procedures ,
Popular ,
Public Health ,
Risk Management
In today’s connected world, businesses face constant pressure to improve their cybersecurity practices and to confirm that they are meeting industry standards. To continue helping businesses achieve those goals, the SEC...more
2/7/2020
/ Corporate Governance ,
Cybersecurity ,
Data Loss Prevention ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Training ,
Incident Response Plans ,
Information Governance ,
Mobile Apps ,
Mobile Devices ,
OCIE ,
Popular ,
Risk Management ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Security Standards ,
Vendors
On July 25, New York Governor Andrew Cuomo signed into law a pair of bills establishing new requirements for businesses that process certain personal information related to New York residents. The changes include expanding...more
8/8/2019
/ Biometric Information ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Governor Cuomo ,
Hackers ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
Security Standards ,
SHIELD Act ,
State and Local Government ,
State Data Breach Notification Statutes