On March 9, 2022, the Securities and Exchange Commission (“SEC”) announced Proposed Rules on cybersecurity risk management, strategy, governance, and incident disclosure (“Proposed Rules”) to address concerns of increasing...more
As the onslaught of data breaches and ransomware attacks continues, state governments are grappling with ways to bolster the impact and reach of breach notification laws. All fifty states, Puerto Rico, Guam, the Virgin...more
10/15/2021
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Incident Response Plans ,
New Regulations ,
Personally Identifiable Information ,
Popular ,
Regulatory Reform ,
Regulatory Requirements ,
State Data Breach Notification Statutes
On October 1, 2020, the Office of Foreign Assets Control (“OFAC”) issued guidance warning of potential sanctions risks for making ransomware payments related to malicious cybersecurity incidents. The same day, the Financial...more
A recent order by a federal court in Virginia rejected arguments that a cybersecurity consultant’s data breach report, which had been prepared at the direction of outside legal counsel, qualified for work product protection....more