Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
Will Resiliency Carry the Digital Asset Sector Through 2024: State-Level Developments — The Crypto Exchange Podcast
Climate Risk, the emerging risk
The NYDFS Updates Its Stringent Cybersecurity Regulations. Is This a Bellwether of Coming Industry Change? - The Consumer Finance Podcast
How the New York Department of Financial Services (DFS) Regulates Virtual Currency, a Close Look with Special Guest Kaitlin Asrow, Executive Deputy Superintendent of Research and Innovation, DFS
Compliance Into The Weeds - DFS Fines Carnival Cruise Lines for Cyber Failures
Compliance into the Weeds: DFS First Cyber Case-First American Title
Videocast: Asset management regulation in 2020 videocast series – Regulators step up pressure to implement LIBOR transition plans
Your Cyber Minute: State influences bring a new dawn of cyber regulations
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Your Cyber Minute: Harriet Pearson and Greg Lisa on the Proposed NYDFS Cyber Security Regulation
Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more
On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more
On December 24, 2024, New York Governor Kathy Hochul signed into law amendments to New York’s private-sector data breach notification law (General Business Law § 899-aa) and government agency data breach notification law (New...more
The New York Department of Financial Services (NYDFS) issued new guidance (the Guidance) on October 16, 2024, to help state-regulated financial institutions mitigate the myriads of cybersecurity risks posed by artificial...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
The year 2022 saw a groundswell of interest in privacy rights and related legislation. Five states enacted new laws or regulations aimed at protecting a general right to privacy, while the U.S. government came closer than...more
Welcome to the inaugural issue of Katten’s Privacy, Data and Cybersecurity Quick Bytes. Each month, Quick Bytes will highlight the latest news and legal developments involving privacy, data and cybersecurity issues across the...more
On November 9, 2022, New York Department of Financial Services (NYDFS) Superintendent Adrienne Harris announced that the NYDFS formally proposed an updated cybersecurity regulation. Although the updates had previously been...more
This year has seen some substantial new data breach settlements including a $500,000 Federal Trade Commission (FTC) fine against CafePress, a $1.25 million multi-state class action settlement and $5 million New York...more
The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June...more
The U.S. Securities and Exchange Commission (SEC) has launched a stunning salvo across the bows of public companies with its announcement of civil monetary penalties and a cease-and-desist order against First American...more
The Cybersecurity Division of the New York State Department of Financial Services (DFS) continues to ramp up enforcement of the Cybersecurity Regulation. In two recent settlements, DFS has begun to offer insight into how it...more
On April 14, 2021, the New York Department of Financial Services (“NYDFS”) announced a settlement with National Securities Corporation (“National Securities”), a licensed insurer, in connection with claims under the NYDFS...more
There are cybersecurity lessons to be learned from high profile data breaches and the ensuing regulatory responses. The recent well-publicized Twitter hack is no different. According to the New York State Department of...more
In the past few years, cybersecurity has taken on increasing importance in the eyes of lawmakers and regulators. Traditionally, cybersecurity compliance that is tied to the protection of personal information generally has...more
The New York State Department of Financial Services (“NYDFS”) has announced its first enforcement action of NYDFS’ Cybersecurity Regulation, Part 500 of Title 23 (“Cybersecurity Regulation”) against First American Title...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
On July 21, 2020, the New York State Department of Financial Services (NYDFS) filed charges against First American Title Insurance Company (First American) for breach of state cybersecurity regulations. Specifically, NYDFS...more
The close of 2019 witnessed a significant development in data security law that impacts companies regulated with respect to or engaged in the trading of public securities, as well as those companies that provide services to...more
This issue of Skadden’s semiannual Cross-Border Investigations Update takes a close look at recent cases, regulatory activity and other key developments, including DOJ guidance on the use of corporate monitors in criminal...more
On March 1, 2018, the one year transition period within which banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (“Covered Entities”)...more
Recently proposed legislation in Ohio could provide businesses with special protection from lawsuits in the event of a hack under certain circumstances. Senate Bill 220 would shelter businesses that have been proactive in...more
In this edition of our Privacy & Cybersecurity Update, we look at a series of recent court rulings regarding standing in privacy cases, most of which suggest plaintiffs will continue to have a difficult time establishing...more
In this edition of our Privacy & Cybersecurity Update, we examine the Sixth Circuit's decision to allow injury-in-fact to be established by alleging a "substantial risk of harm" in a data breach case, New York state's...more