All Blog postsAs outlined by the Securities and Exchange Commission (SEC) in its proposed changes to rules regarding disclosure of cybersecurity incidents, there has been a steady increase in cyberattacks, some of which have had devasting effects on businesses, consumers, and investors. The SEC proposal is premised on the belief that investors would benefit from more timely and consistent disclosure about material cybersecurity incidents and greater availability and comparability of disclosure by public companies.
Read more »Tag: incident response
-
SEC Proposes Rules to Increase Reporting About Cybersecurity Incidents Posted on: July 27, 2022 In: Data Privacy & Cybersecurity
-
UPDATE: Strengthening American Cybersecurity Act of 2022 Signed Into Law Posted on: March 28, 2022 In: Data Privacy & CybersecurityOn March 15, 2022, the Strengthening American Cybersecurity Act, which includes the Cyber Incident Reporting for Critical Infrastructure Act of 2022 was signed into law by President Biden, thereby creating new reporting requirements for critical infrastructure entities. Under the Act, entities considered to be critical infrastructure must notify the Cybersecurity and Infrastructure Security Agency within 72 hours of discovering a covered cyber incident and within 24 hours of a ransomware payment.
Read more »
-
Standing Up the Strengthening American Cybersecurity Act of 2022 Posted on: March 16, 2022 In: Data Privacy & CybersecurityThe U.S. Senate unanimously passed the Strengthening American Cybersecurity Act on March 1, 2022. If signed into law, it would create an affirmative obligation for critical infrastructure entities across 16 federally designated critical infrastructure sectors, including energy and financial services, to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency.
Read more »
-
Banking Organizations & Bank Service Providers Subject to New Computer-Security Incident Notification Rule Posted on: November 24, 2021 In: Data Privacy & CybersecurityOn November, 18, 2021, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency issued a joint final rule to establish computer-security incident notification requirements for banking organizations and their bank service providers. The final rule's new definition narrows the focus to those incidents most likely to materially and adversely affect BOs, while still retaining general consistency with the NIST definition.
Read more »
-
You’ve Experienced a Ransomware Attack - Now What? 5 Practical Steps to Take In Response to a Ransomware Attack Posted on: March 11, 2021 In: Data Privacy & CybersecurityBy now, most of you know that due to the COVID-19 pandemic and the shift to remote work, data security incidents increased both in number and severity in 2020 and show no signs of slowing down in 2021. What you may not know, however, is what to do when your business experiences a ransomware attack. This post details five steps your organization should take immediately to reduce the impact of the attack.
Read more »
-
Breach Notification Requirements Proposed for Banks Posted on: March 09, 2021 In: Data Privacy & CybersecurityOn January 12, 2021, the Office of Comptroller of the Currency, the Federal Reserve Board, the Federal Deposit Insurance Company, and the Office of Thrift Supervision published a proposed rule that would substantially enhance banking organizations’ notification obligations in response to data security incidents. It would require a banking organization to provide its primary federal regulator with prompt notification of any “computer-security incident” that rises to the level of a “notification incident.”
Read more »
-
Top Five Cybersecurity Suggestions for 2021 Posted on: February 12, 2021 In: Data Privacy & CybersecurityAs hard as it is to believe, we are already more than a month into 2021 – and our Data Privacy & Cybersecurity Team is well on its way to managing over 2,000 data security incidents this year. It serves as an important reminder that a few cybersecurity suggestions can have a big impact as we embrace the months to come. The following are our top five suggestions to enhance the security of your network, detect intruders more quickly, and reduce the scope and expense of data security events this year.
Read more »
-
Legislative Alert: Maryland Amends Data Breach Notification Law to Improve Incident Response Posted on: May 16, 2019 In: Data Privacy & CybersecurityOn April 30, 2019, Maryland enacted an amendment to Maryland’s Personal Information Protection Act (Md. Code Ann. § 14-3504), which becomes effective on October 1, 2019. The amendment was introduced in response to a rise in consumer complaints about identity theft.
Read more »
Blog Search
Featured Posts
- February 10, 2023 Historic Hermès Jury Verdict Paves Way for Digital Trademark Rights
- January 13, 2023 Sports Law: A Year in Review & What to Watch for in 2023
- January 06, 2023 Federal Trade Commission Cracks Down on Non-Compete Agreements
- December 06, 2022 Just In Time: Last Minute Compliance Tips for the CPRA and VCDPA
Blog Tags
9th circuit
ada
america invents act
arbitration
breach notification
california
ccpa
college
college athletes
colorado
compensation
compliance
congress
consumer data
consumer notification
copyright
coronavirus
covid-19
cpra
cybersecurity
cyber threat
data breach
data privacy
data security
disability
discrimination
dol
eeoc
employee handbook
employers
employment agreements
employment law
equal pay
european union
executive order
family leave
fbi
fcra
federal circuit
flsa
fmla
gdpr
hacking
healthcare
hipaa
hiring
human resources
identity theft
illinois
incident response
independent contractors
infringement
inter partes review
irs
labor law
legislative alert
litigation
malware
marijuana
medical leave
minimum wage
multi-factor identification
ncaa
new jersey
new york
nil
nlrb
non-competition
osha
overtime
paga
paid leave
patent law
patents
payroll
personal data
personal information
phishing
privacy law
privacy protection patchwork
ptab
ransomware
reasonable accommodation
sexual harassment
sports
sports law
statute
student-athletes
supreme court
tax returns
termination
title ix
title vii
trademark
trade secrets
virginia
wage and hour
wages
washington
workplace safety