AI Washing: Simple Guidance to Avoid Risk
Tech Debt is Common. What does it mean for IPO readiness from a cybersecurity perspective?
Episode 332 -- Deep Dive into SEC’s Internal Controls and Cybersecurity Settlement with R&R Donnelly
Mitigating Political-Law Risk
The Preferred Return Podcast | AIFMD II – Implementation Begins
Why ESG Matters?
Meeting the Proposed SEC Climate Disclosure Requirements
California Regulation of Charitable Fundraising Platforms Part 2 - Reporting Due Diligence, Recordkeeping, and Disclosure Rules
ESG Masterclass — ESG and Impact Investing
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
JONES DAY TALKS®: Court Grants Stay on SEC’s Climate Disclosure Rule, but Companies Should Continue Preparations
ESG Masterclass — ESG and Politics
Ad Law Tool Kit Show – Episode 5 – Surviving an FTC Investigation
SEC’s New Cyber Rules for Publicly Traded Companies — The Consumer Finance Podcast
PLI's inSecurities Podcast - Commissioner Uyeda on “the Perils of Regulation by Theory and Hypothesis”
PLI's inSecurities Podcast - Addressing the “Netflix Problem” in Securities Regulation
What Nonprofit Leaders Need To Know About the Corporate Transparency Act
December 1st Deadline to Adopt Executive Compensation Clawback Policies — The Consumer Finance Podcast
How to Fix the Cyber Incident Reporting Mess--DHS Weighs In
ESG Essentials: What You Need To Know Now - Episode 16 - ESG Backlash
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more
This week, the Securities and Exchange Commission (SEC) charged four public companies for alleged deceptive cyber disclosures: Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd., and Mimecast Limited....more
By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more
On May 16, 2024, the SEC breathed new life into its decades-old Regulation S-P, which requires firms to adopt policies and procedures for the protection of customer information and records. The amended rule balloons the...more
I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more
Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. ...more
This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more
On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more
On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K....more
After a few years of proposing and adopting an unprecedented number of new rules, the Securities and Exchange Commission moderated its rule adoption activities in the second quarter of 2024. During the quarter, the SEC...more
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
Welcome to our third issue of 2024 for our construction industry insights e-newsletter - The Site Report. In honor of last week’s Women in Construction Week, last Friday’s International Women’s Day, and Women’s History...more
HHS Cybersecurity Performance Goals and the Healthcare Industry - The healthcare industry is a major target for cyberattacks because of all of the personal information collected from patients. Recognizing that the healthcare...more
Volume 4, Issue 2, 2024 Welcome! Welcome to the second issue of Promissory Notes - our banking and finance e-newsletter - for 2024. Business today is characterized by relentless change. To assist our clients in navigating...more
Are you prepared for the new SEC Rule on Cybersecurity Incident and Risk Management Disclosures? Don't let your business get caught off guard! This webinar will cover important points about the rule and how to effectively...more
As annual reporting season begins, it is important to take a fresh look at the company’s governance and incident response processes and develop risk-informed and compliant disclosures. While many companies are understandably...more
On December 14, 2023, Erik Gerding, Director, Division of Corporation Finance at the Securities and Exchange Commission (“SEC”) gave a speech on the SEC’s final rules (the “Final Rule(s)”) regarding cybersecurity risk...more
As we head into year-end, annual reporting season for FPIs is just around the corner. FPIs are required to file an annual report on Form 20-F with the SEC within four months after the end of their fiscal year (or until April...more
Nelson Mullins invites you to the two-day webinar, Creating a Data Privacy & Security Playbook for 2024: An Overview of Compliance and Regulations, AI, and Data Breach Concerns, on Feb. 7 and 8 in honor of Privacy Day...more
On December 18, 2023, the US Securities and Exchange Commission’s (SEC) new rules enhancing and standardizing disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by companies who...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules in 2023 that are intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by...more
Key Takeaways - With the SolarWinds enforcement action, the SEC continues to ratchet up its enforcement against companies that fail to properly disclose their cybersecurity incidents and risks. By naming the SolarWinds CISO...more