On October 16, 2024, the New York Department of Financial Services (“NYDFS”) released an Industry Letter—entitled Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Letter”)....more
10/22/2024
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Covered Entities ,
Cybersecurity ,
Cybersecurity Framework ,
Enforcement ,
Financial Institutions ,
Financial Services Industry ,
NYDFS ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector
On May 16, 2024, the U.S. Securities and Exchange Commission (“SEC”) adopted amendments to Regulation S-P (“Reg S-P”) that are intended to help protect investors’ privacy from the “expanded use of technology and corresponding...more
5/29/2024
/ Broker-Dealer ,
Compliance ,
Customer Information ,
Incident Response Plans ,
Investment Adviser ,
Investors ,
Notice Requirements ,
Personal Information ,
Policies and Procedures ,
Privacy Laws ,
Recordkeeping Requirements ,
Regulation S-P ,
Securities and Exchange Commission (SEC)
The Director of the Division of Corporation Finance of the SEC issued a statement last week relating to the recent SEC cybersecurity disclosure rules that require public companies to disclose the occurrence of material...more
5/28/2024
/ Banking Sector ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 8-K ,
Investors ,
Publicly-Traded Companies ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Voluntary Disclosure
Managing these risks at a single company should be straightforward. Executives and CISOs may be personally held accountable for cyber failings, negligence, breaches, and inadequate disclosure around cyber vulnerabilities and...more
4/3/2024
/ Chief Information Security Officer (CISO) ,
Corporate Governance ,
Cyber Insurance ,
Cybersecurity ,
D&O Insurance ,
Data Breach ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
Investigations ,
Liability ,
Popular ,
Private Equity ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Whistleblowers
At this point, it is self-evident that companies are grappling with an ever-evolving (think: tougher) cyber risk terrain. However, two recent cases against companies and their Chief Information Security Officers (CISOs),...more
2/27/2024
/ Board of Directors ,
Breach of Duty ,
Chief Information Security Officer (CISO) ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Popular ,
Regulatory Agenda ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Whistleblowers