On March 9, 2022 the SEC proposed rule amendments that would require public companies to report detailed information about material cybersecurity incidents affecting their business and about their cybersecurity risk...more
On February 4, the New York Department of Financial Services (NYDFS) released Insurance Circular Letter No. 2 (2021), a Cyber Insurance Risk Framework (Framework) for insurers that write cyber insurance....more
2/17/2021
/ Consumer Insurance Products ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Insurance Regulations ,
NYDFS ,
Popular ,
Risk Management ,
State and Local Government
While eyes focus on the privacy legislative debate now underway in the United States, the development of a new Privacy Framework by the influential National Institute of Standards and Technology (“NIST”) is also worthy of...more
“Getting to Data Nirvana” is our four-step approach to help you integrate your legal, regulatory and compliance work streams into your organisation’s overall data strategy.
...more
7/31/2018
/ Compliance ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Personally Identifiable Information ,
Policies and Procedures ,
Regulatory Requirements ,
Risk Management
“Getting to Data Nirvana” is our four-step approach to help you integrate your legal, regulatory and compliance work streams into your organisation’s overall data strategy.
The job of the legal and compliance teams is to...more
6/11/2018
/ Competition ,
Data Privacy ,
Information Governance ,
Intellectual Property Protection ,
Litigation Strategies ,
Ownership Rules ,
Personal Data ,
Regulatory Oversight ,
Regulatory Requirements ,
Risk Management ,
Strict Compliance
Prompted by concern over the increase in the risks and frequency of data breach incidents and other cyber-attacks affecting public companies, the Securities and Exchange Commission recently published interpretive guidance to...more
3/6/2018
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Financial Statements ,
Insider Trading ,
Interpretive Rule ,
Non-Public Information ,
Publicly-Traded Companies ,
Regulation FD ,
Regulation S-K ,
Risk Management ,
Securities and Exchange Commission (SEC)
It’s been almost a year since the New York State Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) came into effect. Since that time, a series of key dates have marked the implementation of...more
2/28/2018
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Popular ,
Risk Assessment ,
Risk Management ,
Vulnerability Assessments
Whether malicious or inadvertent, workforce actions cause or contribute to a high percentage of the cyber attacks experienced by organizations. Protecting against such "insider" cyber risk can be challenging, especially given...more
As a follow-up to our previous reports (December 30, 2016 Alert; February 24, 2017 Alert) regarding the cybersecurity regulations issued by the New York State Department of Financial Services (NYDFS), we would like to remind...more
8/10/2017
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Financial Institutions ,
Information Technology ,
Insurance Industry ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
Third-Party Service Provider
Earlier this year, the National Association of Corporate Directors (NACD) released an updated version of its Director’s Handbook on Cyber-Risk Oversight (Handbook). The updates add 16 pages of content to the previously...more
7/19/2017
/ Board of Directors ,
Corporate Counsel ,
Corporate Governance ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Handbooks ,
Information Technology ,
National Association of Corporate Directors (NACD) ,
Risk Management
Malware was recently identified that appears to have been designed and deployed by a nation-state to target and shut down electric grids.
According to published reports, this malware currently appears to be capable of...more
Major companies, health care organizations and government agencies are facing a wave of cyberattacks involving ransomware that takes control of computers and denies access until a ransom is paid. These attacks are occurring...more
As Hogan Lovells previously reported, the New York State Department of Financial Services (NYDFS) has launched a significant initiative to impose detailed cybersecurity requirements on covered financial institutions. On...more
2/27/2017
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Confidential Information ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Disclosure Requirements ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
Notice Requirements ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Risk Assessment ,
Risk Management ,
Third-Party Service Provider
Hogan Lovells Partner Harriet Pearson and Managing Principal of our Cyber Risk Services Jeff Lolley look ahead to 2017's major cyber vulnerabilities and where clients need to safeguard. ...more
In the past month, the National Institute of Standards and Technology (NIST) has issued a draft update to its flagship cybersecurity framework as well as new standalone guidance on how organizations can plan to recover from...more
1/26/2017
/ Comment Period ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
NIST ,
Ransomware ,
Risk Management ,
Supply Chain
The New York Department of Financial Services (NYDFS) just issued major revisions to the cybersecurity regulations for financial institutions that were due to come into effect on January 1, 2017. To allow covered institutions...more
1/3/2017
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Encryption ,
Financial Institutions ,
Financial Services Industry ,
Insurance Industry ,
NYDFS ,
Popular ,
Risk Assessment ,
Risk Management