News & Analysis as of

Cybersecurity Reporting Requirements Corporate Counsel

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Sheppard Mullin Richter & Hampton LLP

North Dakota Passes New Data Security Law for “Financial Corporations”

Sheppard Mullin Richter & Hampton LLP on

North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more

Hogan Lovells

Australia mandates first-of-its-kind reporting of ransomware payments

Hogan Lovells on

Australia has implemented a first-of-its kind requirement for eligible businesses to report ransomware payments. From 30 May 2025, eligible businesses that make a payment in response to a cyber security incident, or become...more

Husch Blackwell LLP

New York Amends its Data Breach Notification Law

Husch Blackwell LLP on

Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more

Wiley Rein LLP

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

Wiley Rein LLP on

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

Mintz - Privacy & Cybersecurity Viewpoints

SEC Issues New Statement on Cybersecurity Incident Disclosure

Mintz - Privacy & Cybersecurity Viewpoints on

Last week, Erik Gerding, Director of the SEC’s Division of Corporation Finance (the Division), issued a statement providing clarification regarding the disclosure of cybersecurity incidents by reporting companies. This...more

Wiley Rein LLP

Darned if You Do, Darned if You Don’t: Recent Lessons from the SEC On Cyber Reporting

Wiley Rein LLP on

The Security and Exchange Commission (SEC) Director of the Division of Corporate Finance, Erik Gerding, released a statement on May 21, 2024 that may have regulated entities scratching their heads about compliance and the...more

Skadden, Arps, Slate, Meagher & Flom LLP

Utah Becomes First State To Enact AI-Centric Consumer Protection Law

Skadden, Arps, Slate, Meagher & Flom LLP on

On March 13, 2024, Utah enacted the Utah Artificial Intelligence Policy Act (UAIP), which imposes certain disclosure requirements on entities using generative AI tools with their customers, and limits an entity’s ability to...more

Alston & Bird

Top 10 Issues General Counsel Need to Know About Ransomware in 2024

Alston & Bird on

Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more

Fisher Phillips

Workplace Law Forecast 2024 - Your workplace law recap for 2023 and predictions for 2024 to help you prepare for the coming year.

Fisher Phillips on

When I reflect on the relationship that our firm has with our clients, I’m most proud of the fact that you can always count on us. That often means defending complex litigation, steering you through regulatory threats,...more

Vinson & Elkins LLP

SEC Finalizes Cybersecurity Rules for Public Companies: What's New, What's Not, and What’s Next

Vinson & Elkins LLP on

On July 26, 2023, the Securities and Exchange Commission (“SEC”) voted to approve final rules governing cybersecurity disclosures of public companies (“Final Rules”). The Final Rules make meaningful changes to the current and...more

Skadden, Arps, Slate, Meagher & Flom LLP

Court of Chancery Dismisses Caremark Claims Because of Reporting Systems

Skadden, Arps, Slate, Meagher & Flom LLP on

Delaware courts have historically been reluctant to allow Caremark (or “board oversight”) claims to gain traction, describing such a claim as “possibly the most difficult theory in corporation law upon which a plaintiff might...more

Blake, Cassels & Graydon LLP

Nouvelles exigences relatives à la déclaration des incidents de confidentialité en vigueur au Québec

Blake, Cassels & Graydon LLP on

Depuis le 22 septembre 2022, les entités du secteur privé exerçant des activités au Québec doivent aviser, avec diligence, la Commission d’accès à l’information (la « CAI ») de toute atteinte à la vie privée (soit un «...more

Blake, Cassels & Graydon LLP

New Breach Reporting Requirements in Force in Quebec

Blake, Cassels & Graydon LLP on

As of September 22, 2022, private-sector entities carrying on business in Quebec are required to notify Quebec’s Commission d’acces a l’information (CAI) and affected individuals of a privacy breach (referred to as a...more

BCLP

Ransomware - why paying up earns no credit with the UK's Data Protection Authority and others

BCLP on

In a joint letter this summer, the UK’s data protection regulator (the ICO) and the UK’s National Cyber Security Centre (the NCSC) sought to convey some key messages to the legal profession relevant to advising clients...more

Alston & Bird

New Cybersecurity Rules In India Impose Strict Reporting Requirements and Steep Penalties

Alston & Bird on

The Indian Computer Emergency Response Team (“CERT-In”) issued Directions on April 28, 2022 “to strengthen the cybersecurity in the country” and that has significant implications for the cybersecurity landscape. Effective...more

Williams Mullen

Four Key Developments in Data, Data Protection and Cybersecurity Law

Williams Mullen on

The month of March has seen significant developments in the cybersecurity and data protection space. Here are four key legal developments that could be critical to your business. . . ...more

BCLP

SEC proposes new cybersecurity disclosure requirements

BCLP on

On March 9, 2022, the SEC proposed new requirements for reporting of material cybersecurity incidents in 8-Ks and periodic reports as well as disclosure of board and management roles with respect to cybersecurity and of...more

Alston & Bird

FTC Revises the Safeguards Rule and Proposes Mandatory Reporting of Cybersecurity Events

Alston & Bird on

On October 27, 2021, the FTC released its much-anticipated final revisions to the Gramm-Leach-Bliley Safeguards Rule (Safeguards Rule or Final Rule), following a 3-2 vote along party lines and also released a notice of...more

Goodwin

NYDFS Issues Ransomware Guidance Aimed At Combatting Rising Cyber Threats

Goodwin on

The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June...more

Mintz - Privacy & Cybersecurity Viewpoints

CCPA Reporting Deadline Reminder

Mintz - Privacy & Cybersecurity Viewpoints on

If your business is subject to the California Consumer Privacy Act (CCPA), and your business handles (in any manner set forth in the CCPA) the personal information of 10,000,000 or more California residents in a calendar...more

Holland & Knight LLP

SEC Issues First-Ever Penalties for Deficient Cybersecurity Risk Controls

Holland & Knight LLP on

The U.S. Securities and Exchange Commission (SEC) has launched a stunning salvo across the bows of public companies with its announcement of civil monetary penalties and a cease-and-desist order against First American...more

Health Care Compliance Association (HCCA)

[Virtual Event] 2021 Managed Care Compliance Conference - February 1st - 3rd, 9:30 am - 3:45 pm CST

Health Care Compliance Association (HCCA) on

The first ever VIRTUAL Managed Care Compliance Conference will have the great speakers and content you have come to expect from the in-person event. Each year, we look forward to hosting compliance professionals at our...more

White and Williams LLP

A Reminder of the Critical Issue of Notice and Timing in Claims-Made Cyber and Tech E&O Policies

White and Williams LLP on

The recent decision in Illinois federal court in Hartford Fire Insurance Company v. iNetworks Services, LLC, 2020 U.S. Dist. LEXIS 53473 (N.D. Ill. Mar. 27, 2020), serves as an important reminder on the role of timely notice...more

Blake, Cassels & Graydon LLP

One Year into Mandatory Reporting, Canada’s Privacy Commissioner Releases Key Data Breach Trends

Blake, Cassels & Graydon LLP on

To mark the one-year anniversary of mandatory breach reporting under the Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner of Canada (OPC) published a blog post...more

Fisher Phillips

March 2019: The Top 14 Labor And Employment Law Stories

Fisher Phillips on

It’s hard to keep up with all the recent changes to labor and employment law. While the law always seems to evolve at a rapid pace, there have been an unprecedented number of changes for the past few years—and this past month...more

30 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide