Michael Bahar on Cybersecurity

A Measured Approach - US Cybersecurity and Data Privacy Review and Update: Looking back on our 2023 articles and planning ahead...

Technological advances, especially in Artificial Intelligence and quantum computing, will continue to amaze in the coming years. They will open up vast new opportunities while presenting profound regulatory, litigation, and...more

3/1/2024 / Artificial Intelligence , Business Losses , Consumer Financial Protection Bureau (CFPB) , Coronavirus/COVID-19 , Cyber Crimes , Cybersecurity , Data Breach , Data Privacy , Enforcement Actions , Federal Trade Commission (FTC) , Financial Services Industry , NAIC , Popular , Securities and Exchange Commission (SEC) , State Privacy Laws , Technology , Website Design , Websites

New cyber threat to US critical infrastructure

Last week the FBI Director, CISA Director, NSA Director, and National Cyber Director testified publicly about current and ongoing threats to US critical infrastructure providers by Chinese state-sponsored entities known as...more

2/9/2024 / China , Congressional Investigations & Hearings , Critical Infrastructure Sectors , Cyber Attacks , Cyber Threats , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , FBI , National Security Agency (NSA) , Popular , State Sponsors of Cyberattacks

US Treasury Department announces initiatives for further study of a federal insurance backstop for catastrophic cyber events

On November 17, 2023, the United States Treasury Department’s Federal Insurance Office (FIO) and the Volatility and Risk Institute at the NYU Stern School of Business jointly hosted a conference on Catastrophic Cyber Risk and...more

11/30/2023 / Biden Administration , Cyber Attacks , Cyber Crimes , Cyber Insurance , Cybersecurity , Federal Insurance Office , Insurance Industry , U.S. Treasury

New York Raises the Bar Again: Revised Cybersecurity Requirements for Financial Services Companies Finalized

On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more

11/15/2023 / Chief Information Security Officer (CISO) , Compliance , Covered Entities , Cybersecurity , Final Rules , Financial Services Industry , Incident Response Plans , Multi-Factor Authentication , NYDFS , Policies and Procedures , Risk Assessment , Risk Management , State Data Breach Notification Statutes

The highly-anticipated US Executive Order on artificial intelligence: Setting the agenda for responsible AI innovation

On October 30, 2023, the Biden Administration issued the groundbreaking Executive Order 14110 on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (Order), which sets in motion a comprehensive...more

Updata: Your quarterly privacy & cybersecurity update - July - September 2023

Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more

11/7/2023 / Banking Sector , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Data Subject Access Requests , Employee Monitoring , Enforcement Actions , EU , Hong Kong , New Legislation , Privacy Framework , Privacy Laws , UK

SEC adopts new rules to expand public company disclosure relating to cybersecurity by year end

On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more

8/2/2023 / Business Development Companies , Compliance , Corporate Governance , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Final Rules , Foreign Private Issuers , Form 10-K , Form 20-F , Form 8-K , Publicly-Traded Companies , Regulatory Oversight , Risk Management , Securities and Exchange Commission (SEC) , Securities Exchange Act , Third-Party Service Provider

Updata: Your Quarterly Privacy & Cybersecurity Update - April - June 2023

Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more

7/14/2023 / Cyber Threats , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Personal Data , Personally Identifiable Information

Updata: Your quarterly privacy & cybersecurity update - January to March 2023

Welcome to the latest edition of Updata! Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team – it provides you with a compilation of key privacy and cybersecurity...more

Financial services regulators ramp up cybersecurity reporting requirements

US financial services regulators are continuing to enhance cyber reporting requirements in response to increasing geopolitical tensions, emerging technologies, the proliferation of cyber-attacks, and larger market events....more

4/28/2023 / Broker-Dealer , CFTC , Cyber Attacks , Cyber Threats , Cybersecurity , Financial Regulatory Agencies , Financial Services Industry , Personal Data , Publicly-Traded Companies , Regulation S-P , Reporting Requirements , Securities and Exchange Commission (SEC) , Sensitive Personal Information

Iowa enacts the sixth state-level comprehensive data privacy law

On March 29, 2023, the Iowa Governor signed into law a consumer data privacy law which enters into force on January 1, 2025. Entities already complying with other enhanced state privacy laws should not experience any...more

4/6/2023 / Consumer Privacy Rights , Cybersecurity , Data Breach , Data Collection , Data Privacy , Data Protection , Data Security , Personal Data , Personal Information , State Privacy Laws

A measured approach | US Cybersecurity and Data Privacy review and update: Looking back on our 2022 articles to help navigate 2023

The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more

3/3/2023 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Data Privacy , Data Protection , Personal Data , Personal Information , Personally Identifiable Information , Privacy Laws , Sensitive Personal Information

Cyber risk strategy: State-backed cyber attacks and trends in cyber policies and risk management

Lloyds Market Bulletin Y5381 - Back in March 2022, we detailed the significant risks to both insureds and insurers posed by unclear cyber insurance policy wordings, with a particular focus on war exclusion clauses in the...more

2/2/2023 / Commercial Insurance Policies , Cyber Attacks , Cyber Insurance , Cybersecurity , Policy Terms , Popular , Risk Management

Getting ready for quantum computing: Managing the quantum threat

Experts estimate that within the next decade or so, adversaries will have the capacity to use quantum computing to break the encryption on virtually all existing digital databases. This is why it is highly significant...more

8/5/2022 / Algorithms , Cyber Attacks , Cybersecurity , Encryption , NIST , Popular , Regulatory Standards , Risk-Based Approaches

Proposed bipartisan legislation aims to clarify the crypto regulatory landscape

Senators Kirsten Gillibrand (D-NY) and Cynthia Lummis (R- WY) introduced new proposed legislation on June 7, 2022, which would classify the vast majority of digital assets as commodities, and empower the Commodities Futures...more

6/14/2022 / CFTC , Commodities , Cryptoassets , Cryptocurrency , Cybersecurity , Digital Assets , Environmental Social & Governance (ESG) , FERC , FinTech , Infrastructure Investment and Jobs Act (IIJA) , Investment Contract , NIST , Proposed Legislation , Securities and Exchange Commission (SEC)

Updata: Your quarterly data privacy & cybersecurity update - January to March 2022

Welcome to the latest edition of Updata! Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team - it provides you with a compilation of key privacy and cybersecurity...more

4/12/2022 / Analytics , Annual Reports , Cloud Service Providers (CSPs) , Cyber Incident Reporting , Cybersecurity , Data Privacy , International Data Transfers , New Legislation , Popular , Regulatory Requirements

The Cyber Incident Reporting for Critical Infrastructure Act of 2022

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), passed as part of the omnibus spending bill on March 15, 2022, will require critical infrastructure companies - which could include financial...more

3/30/2022 / Biden Administration , Covered Entities , Critical Infrastructure Sectors , Cyber Attacks , Cyber Incident Reporting , Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , New Legislation , Rulemaking Process

Merck and International Indemnity v ACE (et al.): war exclusion clauses in an age of cyber warfare

Companies should be aware that, as a result of increasing geopolitical instability, there is a heightened risk of cyber-attacks. Particularly in light of the Merck case, they should therefore consider closely examining the...more

3/16/2022 / Commercial Insurance Policies , Cyber Attacks , Cyber Crimes , Cyber Insurance , Cybersecurity , Malware , Military Conflict , Policy Exclusions , Policy Terms , Russia , Ukraine

SEC proposes cybersecurity risk management rules for investment advisers, funds and business development companies

The Securities and Exchange Commission (SEC) has joined a host of other regulators in doubling down on efforts to protect against the rapidly intensifying cyber threats - with important implications for all SEC-registered...more

3/3/2022 / Business Development Companies , Cybersecurity , Investment Adviser , Investment Companies , Investment Funds , Popular , Proposed Amendments , Risk Management , Securities and Exchange Commission (SEC)

OFAC sanctions virtual currency exchange and updates ransomware advisory

On September 21, 2021, the US Department of the Treasury took actions in response to the increasing prevalence and severity of ransomware attacks in the United States and address the central role that virtual currency and...more

9/27/2021 / Currency Exchange , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Digital Currency , Economic Sanctions , Enforcement Actions , Office of Foreign Assets Control (OFAC) , Ransomware , SDN List , U.S. Treasury , Virtual Currency

Updata: Your quarterly privacy & cybersecurity update - April to June 2021

Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more

Getting back when HACT: Congress’s idea to provide redress to recent cyberattacks

Amidst the ever-worsening onslaught of cyberattacks, companies are longing to go on the offensive, whether by “hacking-back” or by going after malicious actors in United States courts. While Congress has previously refused to...more

5/6/2021 / Computer Fraud and Abuse Act (CFAA) , Cyber Attacks , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Foreign Governments , Foreign Sovereign Immunities Act of 1976 (FSIA) , Hackers , Information Sharing , Proposed Legislation , Split of Authority

Updata: Your quarterly Data Privacy and Cybersecurity update - October - December 2020

Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team – it provides you with a compilation of key privacy and cybersecurity regulatory and legal developments from the...more

3/11/2021 / California Consumer Privacy Act (CCPA) , China , Coronavirus/COVID-19 , Court of Justice of the European Union (CJEU) , Cybersecurity , Data Privacy , Data Security , EU , EU-US Privacy Shield , European Data Protection Board (EDPB) , Hong Kong Monetary Authority (HKMA) , Popular , Schrems I & Schrems II , State Privacy Laws , Surveillance , Virus Testing

US Cybersecurity and Data Privacy review and update: Looking back on our 2020 articles and planning ahead for 2021

It was a tumultuous year for privacy and cybersecurity, and further uncertainty is all but guaranteed. The key to navigating this volatility, as 2020 proved, is to develop and maintain a proactive, agile and holistic data...more

2/10/2021 / Artificial Intelligence , California Consumer Privacy Act (CCPA) , Coronavirus/COVID-19 , Cryptocurrency , Cyber Crimes , Cybersecurity , Data Breach , Data Privacy , Data Security , Department of Justice (DOJ) , Enforcement Actions , Financial Services Industry , General Data Protection Regulation (GDPR) , NAIC , Popular

A Cybersecurity Storm and Winds of Change: NY DFS requires all New York financial institutions to report effects of SolarWinds...

The massive SolarWinds security breach, which affected not only the private sector, but federal, state and local governments, has caused some to question whether to share data with the government. On Friday, December 18, the...more

12/23/2020 / Broker-Dealer , Cyber Attacks , Cybersecurity , Data-Sharing , Financial Institutions , Financial Services Industry , Insurance Industry , NYDFS , Regulatory Requirements , Reporting Requirements

Michael Bahar

Eversheds Sutherland (US) LLP

Popular Topics by This Author

Latest Posts › Cybersecurity