The Informed Board Podcast | Board Oversight at a Time of Political and Geopolitical Uncertainty
Podcast - Tips for Maintaining FTC Compliance When Using AI
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
From Banks to FinTech: The Evolution of Small Business Lending — The Consumer Finance Podcast
From Banks to FinTech: The Evolution of Small Business Lending — Payments Pros – The Payments Law Podcast
Podcast - Navigating the Updated SF-328 Form
Five Tips for a New Public Company Director
Doc Fees Decoded: The Price of Paperwork in Auto Sales — Moving the Metal: The Auto Finance Podcast
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
Episode 371 -- DOJ's New Corporate Enforcement Program
Podcast - New Guidance on Complying with FTC Rule on Deceptive and Unfair Fees
Welcoming a New Payment Pro: Jason Cover Joins the Payments Pros Podcast — Payments Pros – The Payments Law Podcast
(Podcast) The Briefing: Influencer Fail – ALO Yoga & Influencers Named in $150M Class Action Lawsuit for FTC Violations
The Briefing: Influencer Fail – ALO Yoga & Influencers Named in $150M Class Action Lawsuit for FTC Violations
Compliance into the Weeds: Leaving on a (Qatari) Jet Plane
LEGAL ALERT | NAD Finds Kevin Hart’s Social Media Disclosures Insufficient in Monitoring Decisions
Choosing Your LDA Reporting Path for 2025
Bar Exam Toolbox Podcast Episode 305: Spotlight on Civil Procedure (Part 2 – Discovery)
Compliance Tip of the Day: Clarifying Compliance Mandates
Consumer Finance Monitor Podcast Episode: How to Use the Restatement of Consumer Contracts - A Guide for Judges
A state law requiring municipalities and public authorities to report cybersecurity incidents within 72 hours and ransomware payments within 24 hours compels New York governments to ensure they have protocols in place to...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more
This week, the Securities and Exchange Commission (SEC) charged four public companies for alleged deceptive cyber disclosures: Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd., and Mimecast Limited....more
By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more
On May 16, 2024, the SEC breathed new life into its decades-old Regulation S-P, which requires firms to adopt policies and procedures for the protection of customer information and records. The amended rule balloons the...more
I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more
Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. ...more
On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K....more
After a few years of proposing and adopting an unprecedented number of new rules, the Securities and Exchange Commission moderated its rule adoption activities in the second quarter of 2024. During the quarter, the SEC...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
Are you prepared for the new SEC Rule on Cybersecurity Incident and Risk Management Disclosures? Don't let your business get caught off guard! This webinar will cover important points about the rule and how to effectively...more
As annual reporting season begins, it is important to take a fresh look at the company’s governance and incident response processes and develop risk-informed and compliant disclosures. While many companies are understandably...more
On December 14, 2023, Erik Gerding, Director, Division of Corporation Finance at the Securities and Exchange Commission (“SEC”) gave a speech on the SEC’s final rules (the “Final Rule(s)”) regarding cybersecurity risk...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules in 2023 that are intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by...more
Key Takeaways - With the SolarWinds enforcement action, the SEC continues to ratchet up its enforcement against companies that fail to properly disclose their cybersecurity incidents and risks. By naming the SolarWinds CISO...more
On July 26, 2023, the U.S. Securities and Exchange Commission (“SEC”) adopted final rules relating to enhanced cybersecurity disclosures, which became effective on September 5, 2023 (the “Final Rules”). Beginning in December...more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
With the first wave of amendments to Québec’s personal information protection legislation (“Law 25”) taking effect on September 22, 2022, we thought we would share the top 5 misconceptions we have encountered when discussing...more
On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules that would require public companies to report detailed information about material cybersecurity incidents affecting their business and...more
One thing I appreciate about the SEC comment letter process is that it gives real life examples to what is often discussed hypothetically. Take, for example, cybersecurity and steps management should take when a data incident...more
On October 8, 2015, California Governor Jerry Brown signed A.B. 964 and S.B. 570 into law, a pair of bills that amended the Golden State’s data breach notification statute (Ca. Civ. Code § 1798.82). The amendments...more
The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more