DHS and Cyber: What Should Companies Expect?
Welcome to Saul Ewing’s Public Companies Quarterly Update series. Our intent is to, on a quarterly basis, highlight important legal developments of which we think public companies should be aware. This edition is related to...more
On April 4, the Cybersecurity and Infrastructure Security Agency published a notice of proposed rulemaking setting out mandatory reporting requirements for covered entities that experience cybersecurity incidents or make...more
Large companies holding sensitive data – including financial services, telecommunications, business process outsourcing, hospitality, and cryptocurrency firms – as well as their IT helpdesks, are increasingly being targeted...more
On July 26, 2023, the Securities and Exchange Commission adopted new rules imposing disclosure requirements regarding cybersecurity risk management, strategy, governance and incidents. The new rules, which became effective...more
In the wake of Russia’s invasion of Ukraine, and amid growing concerns regarding the threat of increased cyberattacks targeting infrastructure and other critical industries, there has been a flurry of federal activity to...more
A significant expansion of rules relating to cybersecurity risks - particularly for the financial sector - is under consideration by the Securities and Exchange Commission (SEC). In public remarks last week, SEC Chair...more
The Apache Log4j vulnerability continues to command significant attention throughout the public and private sectors. In a recent interview, the director of the US Cybersecurity and Infrastructure Security Agency (CISA)...more