The requirement to disclose material cybersecurity events under new Item 1.05 of Form 8-K takes effect today (other than for smaller reporting companies, for which the new requirement will take effect on June 15, 2024)....more
Public companies will soon be required to provide increased transparency about cybersecurity incidents, risk management, strategy and governance as a result of new rules adopted by the Securities and Exchange Commission (the...more
8/14/2023
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
On May 23, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a second edition of the #StopRansomware Guide (the Guide). The Guide, first published in September 2020, aims to help organizations reduce...more
The US Department of Justice (DOJ) recently announced plans to use the False Claims Act (FCA) to pursue cybersecurity-related fraud by government contractors, subcontractors and grant recipients, including for providing...more
10/14/2021
/ Compliance ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Protection ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
Federal Contractors ,
Fraud ,
Subcontractors
On October 21, 2016, the Department of Defense (DoD) issued its final rule on Network Penetration Reporting and Contracting for Cloud Services, amending an interim version issued on August 26, 2015, and revised on December...more
Legal Framework -
Summarise the main statutes and regulations that promote
cybersecurity. Does your jurisdiction have dedicated
cybersecurity laws?
The United States generally addresses cybersecurity...more
3/7/2016
/ Cloud Computing ,
Computer Fraud and Abuse Act (CFAA) ,
Cyber Incident Reporting ,
Cyber Insurance ,
Cybersecurity ,
Cybersecurity Act of 2015 ,
Data Protection ,
DFARS ,
DMCA ,
ECPA ,
Federal Trade Commission (FTC) ,
FERC ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NIST ,
PCI-DSS Standard ,
Popular ,
Risk Management ,
Sarbanes-Oxley ,
State Data Breach Notification Statutes
On December 30, 2015, the Department of Defense (DoD) issued a second interim rule on Network Penetration Reporting and Contracting for Cloud Services, amending an earlier version issued on August 26, 2015. The new, amended...more
On December 18, 2015, Congress passed, and the President signed, the Cybersecurity Act of 2015, which provides authorization and liability protection for cybersecurity monitoring and information-sharing and authorization for...more
On December 15, 2015, the European Union reached an agreement on the final text of the new General Data Protection Regulation. The Regulation will replace the 1995 Data Protection Directive, which is currently the basis for...more