News & Analysis as of

Cybersecurity Disclosure

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Steptoe & Johnson PLLC

New York Federal Court Refuses to Extend Accounting Controls Requirements to Cybersecurity Controls

Steptoe & Johnson PLLC on

Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more

Skadden, Arps, Slate, Meagher & Flom LLP

Takeaways From the Dismissal of SEC Claims Against SolarWinds and Its CISO

Skadden, Arps, Slate, Meagher & Flom LLP on

The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more

A&O Shearman

English court applies Article 49 GDPR derogation to allow a transfer of personal data to Ukraine

A&O Shearman on

The English High Court recently granted a bank permission to transfer personal data disclosed in court proceedings to an authority in Ukraine, a country without UK GDPR adequacy status. The Judge found that the transfer fell...more

Paul Hastings LLP

Public Company Watch: July 2024

Paul Hastings LLP on

In the July edition of our Public Company Watch, we cover key issues impacting public companies, including the new Compliance and Disclosure Interpretations related to the cybersecurity disclosure rules and the recent SEC...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #406 – Rite Aid Discloses Data Breach

Robinson+Cole Data Privacy + Security Insider on

Bleeping Computer has reported that Rite Aid has disclosed a data breach affecting 2.2 million individuals. According to the report, Rite Aid stated in its filing with the Maine Attorney General that “We determined by...more

Alston & Bird

SEC Settlement Suggests the Agency’s Attempt to Regulate Cybersecurity Controls

Alston & Bird on

Does the R.R. Donnelley settlement mean heightened Securities and Exchange Commission (SEC) involvement in regulating public companies’ cybersecurity policies and practices? Our Securities Litigation, Privacy, Cyber & Data...more

Wiley Rein LLP

Cyber Update: SEC Issues New Guidance on Cybersecurity Incident Disclosure

Wiley Rein LLP on

On June 24, 2024, the U.S. Securities and Exchange Commission (SEC) Division of Corporation Finance (Corp Fin) added to its Compliance and Disclosure Interpretations (C&DI) related to disclosure of Material Cybersecurity...more

Bass, Berry & Sims PLC

Just In! More Guidance on Material Cybersecurity Incidents (Item 1.05 of Form 8-K)

Bass, Berry & Sims PLC on

On June 24, the Securities and Exchange Commission (SEC) released five additional Compliance and Disclosure Interpretations for Item 1.05 of Form 8-K (Material Cybersecurity Incidents). These interpretations provide...more

Wilson Sonsini Goodrich & Rosati

Corp Fin Issues Additional Guidance Relating to Cybersecurity Incident Disclosure

Wilson Sonsini Goodrich & Rosati on

As questions and commentary continue to arise with respect to the SEC’s rules on disclosure of material cybersecurity incidents, the SEC staff has sought to provide additional guidance on the application of the final...more

Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Health Care Compliance Association (HCCA) on

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Health Care Compliance Association (HCCA)

Privacy Briefs: April 2024

Health Care Compliance Association (HCCA) on

The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more

Warner Norcross + Judd

A Note of Caution: Data Breach Reports May be Discoverable

Warner Norcross + Judd on

An organization that has suffered a data breach likely does not want to have to disclose potentially embarrassing or harmful information, especially in a lawsuit resulting from the breach. Simply involving an attorney in...more

Fenwick & West LLP

Cybersecurity Disclosure is Under the SEC Spotlight: Is Your Company Ready?

Fenwick & West LLP on

Cyber incidents are among the fastest-growing existential threats to publicly traded companies. More than a technical headache, breaches can materially impact your bottom line—and the mere news of an incident can send stocks...more

Lowenstein Sandler LLP

SEC’s 2024 Examination Priorities for Investment Advisers

Lowenstein Sandler LLP on

The U.S. Securities and Exchange Commission (SEC) Division of Examinations (the Division) recently released its annual Examination Priorities for fiscal year 2024 (the Report). The Report underlines the Division’s focus on...more

Skadden, Arps, Slate, Meagher & Flom LLP

What Does the SEC’s Complaint Against SolarWinds Mean for CISOs and Boards?

Skadden, Arps, Slate, Meagher & Flom LLP on

On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more

Lowenstein Sandler LLP

SEC’s 2024 Examination Priorities for Broker-Dealers

Lowenstein Sandler LLP on

On October 16, 2023, the U.S. Securities and Exchange Commission (“SEC”) Division of Examinations (the “Division”) released its annual Examination Priorities for fiscal year 2024 (the (“Report”), marking the first time the...more

Snell & Wilmer

SEC’s Final Rule on Cybersecurity, Risk Management, Strategy, Governance, and Incident Disclosure

Snell & Wilmer on

On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted final rules relating to enhanced cybersecurity disclosures, which became effective on September 5, 2023 (the “Final Rules”). The Final Rules apply...more

Bradley Arant Boult Cummings LLP

FTC and OCR Take Aim at Tracking Pixels in Joint Letter Warning Hospitals and Telehealth Providers About Privacy and Security...

Bradley Arant Boult Cummings LLP on

In July 2023, the Federal Trade Commission (FTC) and the U.S. Department of Health and Human Services Office of Civil Rights (OCR) sent a joint letter to approximately 130 hospital systems and telehealth providers raising...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - July 2023

Skadden, Arps, Slate, Meagher & Flom LLP on

In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more

Seyfarth Shaw LLP

SEC Publishes Public Company Cybersecurity Disclosure Final Rule

Seyfarth Shaw LLP on

What Happened - On July 26, the U.S. Securities & Exchange Commission (SEC) adopted its Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure final rule on a 3-2 vote. The final rule is a modified...more

Wilson Sonsini Goodrich & Rosati

SEC Adopts Cybersecurity Disclosure Rules

Wilson Sonsini Goodrich & Rosati on

On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) announced that it adopted final rules requiring disclosure by public companies of material cybersecurity incidents in a Current Report on Form 8-K, and of...more

Allen Matkins

SEC Adopts Meaningless And Ambiguous "Reasonably Likely" Standard In New Cybersecurity Incident Disclosure Rules

Allen Matkins on

The Securities and Exchange Commission yesterday adopted new rules requiring registrants to disclose on  Form 8-K any cybersecurity incident which they determine to be material.  The new Item 1.05 requires description of the...more

Wilson Sonsini Goodrich & Rosati

SEC Announces Open Meeting to Consider Cybersecurity Rules

Wilson Sonsini Goodrich & Rosati on

On July 19, 2023, the U.S. Securities and Exchange Commission (SEC) announced that it will hold an open meeting on Wednesday, July 26, 2023, to consider whether to adopt rules to enhance and standardize disclosures regarding...more

Health Care Compliance Association (HCCA)

Privacy Briefs: July 2023

Health Care Compliance Association (HCCA) on

A former hospital worker in Arizona was sentenced to 54 months in prison and ordered to pay restitution after pleading guilty to two felony counts involving identity theft and health information disclosure. In the plea deal,...more

Spilman Thomas & Battle, PLLC

For Virginia Employers: Employment Law Changes Effective July 1, 2023

Spilman Thomas & Battle, PLLC on

On July 1, 2023, laws that were passed by the General Assembly and signed into law by Governor Glenn Younkin become effective in Virginia. In the most recent legislative session, a number of new employment laws were passed...more

48 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide