No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
On April 14, the OCC released a letter providing more details on the recent security breach involving its email systems. The breach — identified as a major incident under the Federal Information Security Modernization Act...more
On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more
On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more
On December 7, the Office of the Comptroller of the Currency (OCC) published the fall edition of its Semiannual Risk Perspective, which discusses key issues facing banks. From the OCC’s perspective, the overall strength of...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed a new rule to increase market transparency regarding short selling and extended the comment period for its proposed rule requiring reporting on...more
On November 18, 2021, the Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System (FRB), and the Office of the Comptroller of the Currency (OCC) issued a joint final rule (the...more
On November 18, 2021, the Federal Reserve, Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) approved a new final rule regarding reporting of cyber incidents for U.S. banks...more
In This Issue. The Federal Deposit Insurance Corporation (FDIC) is seeking information and comment regarding the FDIC’s supervisory approach to examinations during the pandemic; the FDIC’s tech lab, FIDTECH, announced a “tech...more
In the News. The Board of Governors of the Federal Reserve System (Federal Reserve) proposed rules to modernize the regulations that implement the Community Reinvestment Act (CRA); the Conference of State Bank Supervisors...more
In This Issue. The Securities and Exchange Commission (SEC) adopted amendments to its exemptive applications procedures under the Investment Company Act of 1940, as amended (the 1940 Act) and proposed to amend Form 13F to...more
A series of cyberattacks featuring ransomware rocked the world this weekend, and the aftershocks “could linger” for a while....more
In December 2016, Thomas Curry, the Comptroller of the Currency, stated that cybersecurity was the single greatest systemic threat to our financial system. He was not being hyperbolic. Cybersecurity should be on...more
Updates on the EU: German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers. On June 7, 2016, the European Commission adopted the EU-U.S. Privacy Shield. One question that many...more
Continuing the trend of recent years, cybersecurity has remained at the top of the regulatory agenda for several federal and state agencies. For financial institutions, keeping track of the dizzying array of proposed...more
The Office of the Comptroller of the Currency has indicated in a recent bulletin that its examiners will gradually incorporate a Cybersecurity Assessment Tool into its examinations of national banks and other institutions...more
Financial institutions must meet standards for safeguarding customer data given the particularly sensitive information they hold, and regulators have been stepping up their efforts to provide guidance on just how they must do...more
Financial Industry Developments - Agencies Issue Advanced Notice of Proposed Rulemaking on Enhanced Cyber Risk Management Standards - On October 19, 2016, the Federal Reserve Board, the Federal Deposit Insurance...more
Three federal banking agencies have announced plans to develop new rules that would establish cyber risk management and resiliency standards for large interconnected entities under the agencies' supervision, as well as those...more
Three federal banking regulatory agencies have approved an advance notice of proposed rulemaking (ANPR) inviting comment on a set of potential enhanced cybersecurity risk-management and resilience standards that would apply...more
A new set of federal banking regulations are on the horizon aimed at helping financial institutions put in place minimum compliance standards to prevent future cyber-attacks. Bloomberg Law has reported that the Federal...more
As financial institutions of all sizes continue to face unprecedented cybersecurity risk, the Federal Financial Institutions Examination Council (FFIEC) released its Cybersecurity Assessment Tool. The Assessment is...more
Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more
The Federal Financial Institutions Examination Council (FFIEC) has recently developed a new tool to help U.S. financial institutions combat the increasing volume and sophistication of cyber attacks. To blunt threats to a...more