On July 26, 2023, the Securities and Exchange Commission (“SEC”) issued a final rule that requires registrants to provide enhanced and standardized disclosures regarding “cybersecurity risk management, strategy, governance...more
8/29/2023
/ Cryptoassets ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Final Rules ,
Form 10-K ,
Materiality ,
Ransomware ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act of 1934
In its continued efforts to enhance the cybersecurity of transportation and other critical infrastructure systems across the country, the Transportation Security Administration (TSA) issued on October 19, 2022 a new security...more
Following significant collaboration with the industry, the Transportation Security Administration (TSA) issued a revised directive, effective July 27, 2022, which updates one of the prior directives issued in the wake of a...more
On May 19, 2022, the Department of Justice (“DOJ”) announced significant clarifications to its policy on charging Computer Fraud and Abuse Act (“CFAA”) violations that give some comfort to cyber security consultants who...more
6/9/2022
/ Computer Fraud and Abuse Act (CFAA) ,
Cyber Crimes ,
Cybersecurity ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Financial Institutions ,
Good Faith ,
Hackers ,
Popular ,
SCOTUS ,
Van Buren v United States
At a sanctions conference held in Washington D.C. on May 5, government officials, practitioners and corporations highlighted the government’s broadening focus on anti-corruption enforcement, across more traditionally siloed...more
5/17/2022
/ Anti-Bribery ,
Anti-Corruption ,
Anti-Money Laundering ,
Arms Export Control Act ,
Cryptocurrency ,
Cybersecurity ,
Economic Sanctions ,
Enforcement ,
Environmental Social & Governance (ESG) ,
Foreign Corrupt Practices Act (FCPA) ,
International Emergency Economic Powers Act (IEEPA) ,
ITAR ,
New Regulations ,
Office of Foreign Assets Control (OFAC) ,
Risk Management ,
Russia ,
Ukraine
Amid the escalating conflict in Ukraine and concerns of Russian cyber threats to the United States, President Joe Biden recently signed a $1.5 trillion government spending deal with serious cybersecurity reporting obligations...more
3/17/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Economic Sanctions ,
Enforcement ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Joe Biden ,
Russia ,
Ukraine
Russia began a physical invasion of Ukraine Wednesday night, and as the United States responded with sanctions, the threat of cyberattacks against American companies became more acute. Major American businesses – from banks...more
A vulnerability so dangerous that Cybersecurity and Infrastructure (CISA) Director Jen Easterly called it “one of the most serious [she’s] seen in [her] entire career, if not the most serious” arrived just in time for the...more
On Tuesday, the U.S. Department of Treasury’s Office of Foreign Asset Control (“OFAC”) issued an updated advisory warning all ransomware victims that if they succumb to ransomware demands and pay foreign actors who are...more
9/24/2021
/ Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
FBI ,
Guidance Update ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
Sanctions ,
SDN List ,
Strict Liability ,
U.S. Treasury
Last Friday, China passed the world’s harshest data privacy law, threatening violators with fines of up to 50 million Yuan (or about $7.7 million at the time of publication) or 5% of annual revenue. The Personal Information...more
On the heels of the First American enforcement action and settlement, this week, the SEC announced a settlement with Pearson plc in connection with a 2018 cyber breach. The SEC disclosed that Pearson, a London-based...more
Data privacy lawyers and cyber security incident response professionals are losing sleep over the growing number of federal courts ordering disclosure of post-data breach forensic reports. Following the decisions in Capital...more
As cyberattacks continue to attract greater attention, the SEC has taken an additional step in its efforts to bring enforcement actions related to cyber disclosures. On June 14, the SEC announced settled charges against a...more
6/22/2021
/ Cease and Desist Orders ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
Disclosure Requirements ,
Enforcement Actions ,
Fines ,
Internal Controls ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Security Breach
On June 3, 2021, the White House issued a memorandum announcing anti-corruption as a core national security interest. The memorandum explains that, “[c]orruption threatens United States national security, economic equity,...more
6/10/2021
/ Anti-Bribery ,
Anti-Corruption ,
Anti-Money Laundering ,
Bank Secrecy Act ,
Biden Administration ,
China ,
Corporate Transparency Act ,
Cybersecurity ,
Economic Sanctions ,
Enforcement ,
Enforcement Actions ,
Export Controls ,
Foreign Agents Registration Act (FARA) ,
Foreign Corrupt Practices Act (FCPA) ,
National Security ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Securities and Exchange Commission (SEC)
The cyber landscape is changing once again, in terms of impact, policy and potential exposure. In the wake of the Colonial Pipeline hack, the Biden administration released a long-awaited Executive Order intended to strengthen...more
5/18/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Department of Energy (DOE) ,
Energy Regulatory Commission ,
Enforcement ,
Executive Orders ,
Federal Contractors ,
Hackers ,
National Security ,
Pipelines ,
Popular ,
Proposed Regulation ,
Regulatory Oversight