Please read the full article here: The DOJ Goes Phishing: The Rise of False Claims Act Cybersecurity Litigation | Law Journal Newsletters
Please read the full article here: The DOJ Goes Phishing: The Rise of False Claims Act Cybersecurity Litigation | Law Journal Newsletters
The U.S. Securities and Exchange Commission is implementing a campaign to overhaul the agency’s expectations around cybersecurity and cyber incident reporting for the financial services industry and corporate America generally. For example, in a recent speech, Chairman Gensler reiterated his focus on cybersecurity and underscored the SEC’s work to “improve…
On February 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed a package of new rules and amendments to enhance cybersecurity preparedness and improve cyber resilience of investment advisers and investment companies against cybersecurity threats and attacks. If adopted, these rules will incorporate existing SEC staff guidance on cybersecurity policies and…
Update: Since going live with the below, the EDPB has published its draft guidelines addressing key aspects of a data subject’s right of access. More to follow soon. Last month, a large number of EU and US companies received queries about their data access request procedures under the General Data Protection…
In what is likely the largest industry-wide vulnerability since the SolarWinds Orion flaw uncovered late last year, a critical software bug was recently discovered within Apache Log4j, an open-source logging utility widely used in business software development. A long list of technology companies have already reported being affected, including such…
If you are not familiar with the FTC’s Health Breach Notification Rule, you are not alone. Issued in 2009, it has never been enforced. That may now change. In a recent Policy Statement, the FTC is putting a new spotlight on the Rule, explaining that the Rule applies to health…
Goodwin is thrilled to welcome Omer Tene and Lore Leitner to the data + privacy + cybersecurity group! More info
Now in its fifth year, the NYDFS Cybersecurity Regulation is a standout among state-level information security regulations. This year, the NYDFS is investing additional resources into cybersecurity, with a new NYDFS Cyber Intelligence Unit formed in 2021, new ransomware guidance, and increasing enforcement. Compliance with the NYDFS Cybersecurity Regulation requires…
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a proposal on cybersecurity risk governance, which “could address issues such as cyber hygiene and incident…
I. OVERVIEW The U.S. Food & Drug Administration (“FDA”) has increased its focus on mitigating cybersecurity risks in medical device software. On June 24, 2021, the FDA issued two documents that are important not only for entities that service or remanufacture medical devices (“servicers” and “remanufacturers,” respectively), but also original equipment…