News & Analysis as of

Data Protection Cyber Incident Reporting

Mayer Brown

Communications in a Cyber Incident – Guidance

Mayer Brown on

The UK National Cyber Security Centre has published guidance on effective communications in a cyber incident. While targeted at organisations generally, rather than explicitly at pension scheme trustees, the guidance contains...more

Mayer Brown

New EU Cyber Rules (NIS2) Take Effect; Implementing Rules Adopted

Mayer Brown on

On 17 October 2024, the European Commission adopted the first Implementing Regulation under the Network and Information Security 2 Directive (EU) 2022/2555 (NIS2), focusing on digital infrastructures and services. The...more

Troutman Pepper

Cyber Incident Response Checklist for SEC Compliance

Troutman Pepper on

By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more

Alston & Bird

Green Light for the Enforcement of NIS 2 in Limited EU Countries Only

Alston & Bird on

EU Member States had until today, October 17, 2024, to transpose the Network and Information Security (NIS) 2 Directive into their national laws. As Directives are not directly applicable in EU Member States, the EU...more

A&O Shearman

Australia’s Cyber Security Legislative Package 2024: Deadline for submissions

A&O Shearman on

On October 9 2024, the Australian Government introduced into Parliament the Cyber Security Legislative Package to implement several initiatives under the 2023-2030 Australian Cyber Security Strategy, which includes the...more

Health Care Compliance Association (HCCA)

2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’

Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more

Baker Donelson

Data Breaches: The Not-So-Hidden Cost of Doing Business

Baker Donelson on

In this era of big data, smart devices, and constant connectivity, the clock's already ticking on your next data breach – it's just a matter of time. For companies of all sizes and across every industry, the stakes have never...more

Wyrick Robbins Yates & Ponton LLP

Maybe Not Practical After All: HUD Proposes Revised Cyber Incident Reporting Requirement for FHA-Approved Mortgagees

As we discussed in a recent post, earlier this year the U.S. Department of Housing and Urban Development (“HUD”) issued Mortgagee Letter 2024-10, which imposed a new requirement on all FHA-approved mortgagees to report...more

Cozen O'Connor

PA AG Launches Online Portal for Data Breach Reporting

Cozen O'Connor on

Pennsylvania AG Michelle Henry announced the launch of an online portal to report data breaches ahead of the effective date of recent amendments to Pennsylvania’s Breach of Personal Information Notification Act (BPINA)....more

Troutman Pepper

SEC Cybersecurity Incidents Disclosures: Materiality, Decryptors, and Ransom Payments - Dear Mary – Incidents + Investigations...

Troutman Pepper on

I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more

Jones Day

SEC v. SolarWinds: Court Rejects SEC Authority Over Cybersecurity Controls and Most Alleged Disclosure Violations

Jones Day on

The U.S. District Court for the Southern District of New York dismissed the majority of claims that the Security and Exchange Commission ("SEC") asserted against SolarWinds, including claims that the company's alleged...more

Royer Cooper Cohen Braunfeld LLC

Tech Moves Fast, the SEC is Trying to Keep Up

On May 16, the Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P, aimed at modernizing and enhancing the rules governing the treatment of consumers’ nonpublic personal...more

BakerHostetler

[Podcast] 2024 DSIR Deeper Dive: Deeper Dive into the Data

BakerHostetler on

We’re back with a deeper dive into the 2024 Data Security Incident Response Report, which features insights and metrics from 1,150+ incidents in 2023. This episode dives deeper into the data, including network intrusions...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #406 – Rite Aid Discloses Data Breach

Bleeping Computer has reported that Rite Aid has disclosed a data breach affecting 2.2 million individuals. According to the report, Rite Aid stated in its filing with the Maine Attorney General that “We determined by...more

Health Care Compliance Association (HCCA)

Privacy Briefs: July 2024

Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more

BakerHostetler

[Podcast] 10th Anniversary Lookback: What a Long Strange Breach it’s Been

BakerHostetler on

Partner Eric Packel takes a deeper dive into BakerHostetler’s 2024 Data Security Incident Response Report. Packel looks back on the last ten years and examines the ways in which the data breach landscape has changed and what...more

Holland & Knight LLP

SEC Cyber Enforcement Update: Which Way Are the SolarWinds Blowing?

Holland & Knight LLP on

The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more

Stark & Stark

Understanding the Enhanced Regulation S-P Requirements

Stark & Stark on

On May 16, 2024, the Securities and Exchange Commission adopted amendments to Regulation S-P, the regulation that governs the treatment of nonpublic personal information about consumers by certain financial institutions....more

Kennedys

[Webinar] Days of reckoning: How to prepare for, respond to, and recover from ransomware and other cyberattacks - June 27th, 2:00...

Kennedys on

Kennedys and Booz Allen Hamilton are delighted to invite you to our 3 hour webinar on Thursday, June 27, 2024. This half-day seminar features three presentations: Clear and present danger, In the war room, and The fallout....more

BakerHostetler

Deeper Dive into the Data - May 2024

BakerHostetler on

Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more

Health Care Compliance Association (HCCA)

UHG’s Breach Response May Prove Enlightening for Others

Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more

King & Spalding

Department of Homeland Security Proposes Rule for Reporting of Cyber Incidents

King & Spalding on

On April 4, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published for public comment a long-awaited proposed rule to implement the Cyber Incident Reporting for Critical Infrastructure Act of 2022...more

Fisher Phillips

Florida Passes Cybersecurity Data Breach Immunity Law: 3 Things Businesses Need to Know – and 3 Things to Do

Fisher Phillips on

Florida lawmakers recently passed a law that provides businesses with a defense to claims arising from “cybersecurity incidents” that lead to data breaches – so long as they meet a few critical obligations. The bill is...more

HaystackID

[Webcast Transcript] Getting Things Done with GAI

HaystackID on

Editor’s Note: During this webcast, industry leaders discussed using generative AI (GAI) in the legal and cybersecurity fields. The speakers, John Brewer, Anya Korolyov, Chris Wall, and Bernie Gabin, all experts in AI and...more

Woods Rogers

What You Need To Know About CISA’s Cybersecurity Guidance for the Water & Wastewater Sector

Woods Rogers on

CISA’s Incident Response Guide outlines ways in which WWS owners and operators can engage with federal agencies to prepare for, mitigate, and respond to cyber incidents, including best practices for incident response and...more

198 Results
 / 
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide