News & Analysis as of

Cybersecurity Regulatory Requirements Corporate Counsel

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Mintz - Health Care Viewpoints

“False” Sense of Security: DOJ Announces False Claims Act Settlements Related to Failure to Comply with Cybersecurity Requirements

On July 31, 2025, the United States Department of Justice (DOJ) announced a pair of settlements with companies accused of having violated the False Claims Act (FCA) by falsely representing their compliance with certain...more

Shook, Hardy & Bacon L.L.P.

California Adopts Regulations on Cybersecurity Audits

California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more

Seyfarth Shaw LLP

California Privacy Protection Agency (CPPA) Finally Voted to Adopt Much Debated Update to CCPA Regulations: What Your Business...

Seyfarth Shaw LLP on

On July 24, 2025, the California Privacy Protection Agency (“CPPA”) unanimously voted to adopt a package of Proposed Regulations for the California Consumer Privacy Act (“CCPA”), marking a significant development in...more

Skadden, Arps, Slate, Meagher & Flom LLP

The Last Piece of DORA Falls Into Place: 10 Lessons From the First Six Months

- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more

Paul Hastings LLP

ICO Annual Report Provides Insight Into Data Protection Risks for Businesses

Paul Hastings LLP on

The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more

Clark Hill PLC

Key lessons on the False Claims Act for government contractors after Raytheon’s $8.4 million settlement

Clark Hill PLC on

Government contractors should be on high alert following the recent announcement that Raytheon Company, its parent RTX Corporation, and Nightwing Group, LLC, have agreed to pay $8.4 million to resolve allegations of violating...more

Baker Botts L.L.P.

EU Releases General-Purpose AI Code of Practice

Baker Botts L.L.P. on

On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more

Womble Bond Dickinson

The ICO’s Penalty Against 23andMe Brings New Emphasis on Cybersecurity Risks - Key Takeaways for U.S. Companies

Womble Bond Dickinson on

The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more

Sheppard Mullin Richter & Hampton LLP

North Dakota Passes New Data Security Law for “Financial Corporations”

North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more

Hogan Lovells

Australia mandates first-of-its-kind reporting of ransomware payments

Hogan Lovells on

Australia has implemented a first-of-its kind requirement for eligible businesses to report ransomware payments. From 30 May 2025, eligible businesses that make a payment in response to a cyber security incident, or become...more

Sheppard Mullin Richter & Hampton LLP

Trump’s New Cybersecurity Executive Order: What Contractors Need to Know

On June 6, 2025, the Trump Administration released a new Executive Order (“EO”) on cybersecurity, Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order...more

Foley & Lardner LLP

Another FCA Cybersecurity Settlement Reinforces the Enforcement Trend

Foley & Lardner LLP on

A recent United States Department of Justice (DOJ) announcement highlights the fact that the government’s emphasis on cybersecurity enforcement under the False Claims Act (FCA) is not slowing down. According to the press...more

A&O Shearman

Defense Contractors To Pay $8.4 Million To Resolve False Claims Act Allegations Surrounding Non-Compliance With Cybersecurity...

A&O Shearman on

On May 1, 2025, the U.S. Department of Justice announced an $8.4 million settlement agreement with several defense contract companies (“companies”) resolving alleged violations of the False Claims Act. The settlement...more

Perkins Coie

Buckle Up! CPPA Is Driving Privacy Regulation and Enforcement Forward

Perkins Coie on

After a relatively slow start to 2025, the California Privacy Protection Agency (CPPA) is firing on all cylinders now. In recent weeks, the CPPA (i) revised the proposed Delete Request and Opt-out Platform (DROP) regulations...more

Skadden, Arps, Slate, Meagher & Flom LLP

Key Themes From the 2025 IAPP Global Privacy Summit

On April 23 and 24, 2025, regulators, industry leaders and data privacy leaders from across the globe convened in Washington, D.C. for the 2025 International Association of Privacy Professionals (IAPP) Global Privacy Summit....more

Skadden, Arps, Slate, Meagher & Flom LLP

Eight-State Consortium of Privacy Regulators Marks Shift Toward Coordinated Enforcement

In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more

Bass, Berry & Sims PLC

Key Takeaways from DOJ’s Continued Cybersecurity Enforcement

Bass, Berry & Sims PLC on

On March 25, the U.S. Department of Justice (DOJ) announced a $4.6 million settlement with MORSECORP, Inc. (MORSE) over its alleged failures to satisfy cybersecurity requirements for federal defense contractors....more

Goodwin

DOJ’s Data Export Rule Is In Force April 8: What You Need to Do

Goodwin on

On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more

Mintz - Privacy & Cybersecurity Viewpoints

DOJ: ‘False Claims Act + Cybersecurity’ Is Here To Stay

Amid ongoing policy shifts in Washington, the federal government’s interest in pursuing civil cyber-fraud cases appears to be here to stay. In October 2021, the Department of Justice (DOJ) initiated its Civil Cyber-Fraud...more

Lowenstein Sandler LLP

Top AI Risks General Counsels Should Address

Lowenstein Sandler LLP on

Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more

Faegre Drinker Biddle & Reath LLP

Lessons from PayPal’s $2 Million Cybersecurity Settlement with the New York State Department of Financial Services

On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more

Vinson & Elkins LLP

Watch What You Say: SEC Enforcement Scrutinizes Cybersecurity Incident Disclosures

Vinson & Elkins LLP on

On January 13, 2025, the Securities and Exchange Commission (“SEC”) filed a settled enforcement action against Ashford Inc. (“Ashford” or “the Company”), a company that provides products and services to the real estate and...more

McDermott Will & Schulte

Data Privacy and Cybersecurity Developments We Are Watching in 2025

The act of predicting what will become the dominating storyline of data privacy and cybersecurity in 2025 is a hazardous enterprise, as one is almost surely to get something wrong. Without fail, every year, regulators and the...more

Shook, Hardy & Bacon L.L.P.

California Jumps Into Privacy Rulemaking (Again)

The California Privacy Protection Agency (CPPA) is starting formal rulemaking (again) as they move beyond the pre-rulemaking drafts that were debated for a little over a year. During their November 8, 2024, board meeting, the...more

Carlton Fields

CPPA Advances New Privacy Rules for Businesses

Carlton Fields on

The California Privacy Protection Agency (CPPA), at its board meeting on November 8, 2024, voted 4–1 to advance proposed regulations to a formal rulemaking. As currently drafted, these regulations would, among other things...more

59 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide