On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued an industry letter covering Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Industry...more
Earlier this year, the National Institute of Standards and Technology (NIST) issued an update to its Cybersecurity Framework (CSF) with the release of version 2.0, the first update since April 2018 (version 1.1). While the...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
2/26/2024
/ Corporate Counsel ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Data Theft ,
NYDFS ,
Popular ,
Ransomware ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
With an amendment to its Safeguards Rule, the Federal Trade Commission has joined other federal agencies regulating cybersecurity breaches. Our Privacy, Cyber & Data Strategy Team analyzes how the amendment will affect...more
At the end of September 2023, the Cyberspace Administration of China (CAC) released draft regulations (see the unofficial English translation) regulating the cross-border flow of personal information and important data out of...more
The New York Department of Financial Services (“NY DFS”) published an updated proposed Second Amendment to its Cybersecurity Regulation (23 NYCRR Part 500) in the New York State Register on June 28, 2023, updating its...more
On June 7, 2023, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Joint Cybersecurity Advisory in connection with a recent zero-day (or previously...more
On February 24, 2023, the Cyberspace Administration of China (“CAC”) released its final version of the Standard Contract Measures for Exporting Personal Information (“Standard Contract Measures”), accompanied by a template...more
The New York Department of Financial Services (“DFS”) released their proposed second amendment to the Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Second Amendment”) on October 9, 2022....more
Enhancing data security programs to protect personal information is a critical area companies cannot ignore. Our Privacy, Cyber & Data Strategy and Financial Services & Products groups unpack the latest moves by the Consumer...more
Maryland recently passed House Bill 962, amending Maryland’s Personal Information Protection Act (PIPA) (Md. Code Ann. Comm. Law 14-3504). As summarized below, House Bill 962 amends certain aspects of PIPA relating to breach...more
On June 10, 2021, almost exactly three years after the passing of its Cybersecurity Law (CSL), the National People’s Congress of China passed a new Data Security Law (DSL) (click here for an unofficial English translation of...more
The New York Department of Financial Services (NYDFS) issued new guidance this week intended to assist organizations in thwarting ransomware attacks. The guidance clarifies the NYDFS’ expectation that NYDFS-regulated...more