Search Results for:

Texas’ New Privacy Law Goes Into Effect – And Attorney General Builds Enforcement Team

Since the passing of the California Consumer Privacy Act (CCPA) in 2018, California has led the nation in privacy regulation and enforcement. But, beginning July 1, 2024, Texas will be the new sheriff in town. On July 1, Texas’ Data Privacy and Security Act goes into effect as one of the strongest…

Read More

Goodwin’s 2024 Data, Privacy & Cybersecurity Outlook

As we kick off 2024, many of us are wondering what this year’s hot topics and trends will be in the privacy and cybersecurity sector. Will AI continue to be the trendsetter, even among privacy regulators? And what will businesses do to keep up to date with all emerging laws,…

Read More

October Cybersecurity Awareness Month Closes Out With Notable Changes in U.S. Regulation: New FTC Safeguards and NYDFS Cybersecurity Requirements Revealed

The cybersecurity world is ablaze as recent developments demonstrate an increased expectation of accountability and competence in the space. This trend is unsurprising given high-profile cyber-attacks coupled with advances in artificial intelligence (AI).  In fact, days after releasing the Administration’s Executive Order on the Safe, Secure, and Trustworthy Development and…

Read More

6 Predictions, 6 Attorneys - Goodwin's 2023 Data, Privacy & Cybersecurity Outlook

In honor of Data Privacy Week, and as we kick off 2023, many of us are wondering what this year’s hot topics and trends will be in the privacy and cybersecurity sector. How will the new Privacy Shield in the EU and UK affect data regulation? How will state privacy…

Read More

New Federal Law Mandates Cyber Incident and Ransomware Payment Reporting for Critical Infrastructure Industries

After years of lengthy debates, Congress passed and the President signed into law a bipartisan bill requiring entities in sectors deemed to constitute “critical infrastructure” to report certain cyber incidents and ransomware payments. Currently, companies may and often do voluntarily report cyber incidents to the FBI or other federal agencies,…

Read More

SEC Proposes Expanded and Accelerated Cybersecurity Disclosure by Public Companies

As a significant step in its ongoing initiatives on the disclosure, management and oversight of cybersecurity risks and incidents, on March 9, 2022 the U.S. Securities and Exchange Commission (SEC) proposed new rules that would significantly increase cyber-related disclosures by public operating companies. The proposed rules would: Require disclosure in Form 10-Q…

Read More

SEC Focus on Cybersecurity Begins To Take Shape

The U.S. Securities and Exchange Commission is implementing a campaign to overhaul the agency’s expectations around cybersecurity and cyber incident reporting for the financial services industry and corporate America generally. For example, in a recent speech, Chairman Gensler reiterated his focus on cybersecurity and underscored the SEC’s work to “improve…

Read More

SEC Cybersecurity Rules Target Investment Advisers and Investment Companies

On February 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed a package of new rules and amendments to enhance cybersecurity preparedness and improve cyber resilience of investment advisers and investment companies against cybersecurity threats and attacks. If adopted, these rules will incorporate existing SEC staff guidance on cybersecurity policies and…

Read More