Ransomware threats and attacks dominated the cyber news cycle in 2020 and into 2021. With the global pandemic and the uptick in remote work and learning, cybercriminals and nation-state hackers have seized on vulnerabilities...more
2/10/2021
/ Cryptocurrency ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Hackers ,
NYDFS ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
Risk Management ,
Underwriting
2020 has been a busy year in privacy law both domestically and around the globe. Some of the most striking developments included enforcement of the California Consumer Privacy Act (CCPA) and passage of the California Privacy...more
1/4/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
Information Governance ,
Personal Data ,
Popular ,
SHIELD Act
On Oct. 30, 2020, the United Kingdom’s data protection authority, the Information Commissioner’s Office (ICO), in connection with France’s Commission nationale de l’informatique et des libertés (CNIL), announced the largest...more
11/5/2020
/ British Airways ,
CNIL ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Marriott ,
Popular
Certain provisions of the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) recently took effect in the state of New York. The act was signed into law by the governor in July 2019, and its data breach...more
On April 13, the New York State Department of Financial Services (DFS) issued guidance to its regulated institutions on how to manage cyber-risks connected to remote working, amid a “significant” increase in cybercrime...more
At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations)....more
2/13/2020
/ Best Practices ,
Bring Your Own Device (BYOD) ,
Business Continuity Plans ,
C-Suite Executives ,
Corporate Governance ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Loss Prevention ,
Data Management ,
Data Protection ,
Denial of Service Attacks ,
Disclosure Requirements ,
Incident Response Plans ,
Malware ,
Mobile Device Management ,
Mobile Devices ,
OCIE ,
Policies and Procedures ,
Popular ,
Ransomware ,
Regulatory Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Third-Party Liability ,
Vendors
This Update highlights key legal and policy developments in cybersecurity and privacy law that may impact important trends for 2019 and beyond. A central takeaway from 2018 is that regulators in the U.S. and abroad are...more
1/28/2019
/ California Consumer Privacy Act (CCPA) ,
Carpenter v US ,
CLOUD Act ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
Facebook ,
General Data Protection Regulation (GDPR) ,
Google ,
Hackers ,
International Data Transfers ,
Marriott ,
Microsoft ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Power Plants ,
Risk Management ,
Russia ,
Securities and Exchange Commission (SEC) ,
Stored Communications Act
On Feb. 21, the Securities and Exchange Commission (SEC) released interpretive guidance on public companies’ disclosure practices regarding cybersecurity breaches and risks to the public....more
3/1/2018
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Hackers ,
Insider Trading ,
Investment Adviser ,
New Guidance ,
Personally Identifiable Information ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC)
Cybersecurity has increasingly moved into the spotlight in recent years, with regulators and financial firms alike clambering to keep pace with rapidly changing demands as threats continue to evolve....more
Judge Trims Proposed Class Action Over Wendy’s Data Breach -
Torres v. Wendy’s Int’l, LLC, No. 16-cv-0210 (PGB) (DCI) (M.D. Fla. Mar. 21, 2017).
A U.S. district court judge in Florida trimmed a proposed class action...more
5/1/2017
/ Advertising ,
Article III ,
Background Checks ,
Class Action ,
Credit Cards ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Email ,
Fair Credit Reporting Act (FCRA) ,
Fast-Food Industry ,
Federal Trade Commission (FTC) ,
Google ,
Grocery Stores ,
Hackers ,
Hiring & Firing ,
Identity Theft ,
Injury-in-Fact ,
Job Applicants ,
Malware ,
Neiman Marcus ,
Phishing Scams ,
Point of Sale Terminals ,
Retail Market ,
Standing ,
Wendy's
OCIE Highlights Frequent Topics for Compliance Deficiencies for Investment Advisers -
On Feb. 7, 2017, the Securities and Exchange Commission’s (SEC’s) Office of Compliance Inspections and Examinations (“OCIE”) published...more
3/2/2017
/ Books & Records ,
Chief Compliance Officers ,
Covered Agreement ,
Custody Rule ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Enforcement Actions ,
Ethics ,
EU ,
Filing Requirements ,
Financial Institutions ,
Financial Services Industry ,
Form ADV ,
Insurance Industry ,
Investment Adviser ,
Investment Advisers Act of 1940 ,
NYDFS ,
OCIE ,
Registered Investment Companies (RICs) ,
Regulatory Oversight ,
Reinsurance ,
Risk Alert ,
Rule 204-2 ,
Securities and Exchange Commission (SEC) ,
Strict Compliance