Tagged as: Cybersecurity

SEC Cybersecurity Rules Target Investment Advisers and Investment Companies

On February 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed a package of new rules and amendments to enhance cybersecurity preparedness and improve cyber resilience of investment advisers and investment companies against cybersecurity threats and attacks. If adopted, these rules will incorporate existing SEC staff guidance on cybersecurity policies and…

Read More

The Princeton University Data Access Research: A Timely Reminder to Revisit Data Subject Request Processes

Update: Since going live with the below, the EDPB has published its draft guidelines addressing key aspects of a data subject’s right of access.  More to follow soon. Last month, a large number of EU and US companies received queries about their data access request procedures under the General Data Protection…

Read More

Critical Log4j Vulnerability Wreaks Havoc Across Cyberspace

In what is likely the largest industry-wide vulnerability since the SolarWinds Orion flaw uncovered late last year, a critical software bug was recently discovered within Apache Log4j, an open-source logging utility widely used in business software development. A long list of technology companies have already reported being affected, including such…

Read More

Link to Video - NYDFS Cybersecurity Regulation Webinar

Now in its fifth year, the NYDFS Cybersecurity Regulation is a standout among state-level information security regulations. This year, the NYDFS is investing additional resources into cybersecurity, with a new NYDFS Cyber Intelligence Unit formed in 2021, new ransomware guidance, and increasing enforcement. Compliance with the NYDFS Cybersecurity Regulation requires…

Read More

SEC Makes Cybersecurity Top Priority; Sanctions Firms For Cybersecurity Failures

There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a proposal on cybersecurity risk governance, which “could address issues such as cyber hygiene and incident…

Read More

Mitigation of Cybersecurity Risks in Medical Device Software: FDA Discussion & Insights for OEMs, Remanufacturers, and Servicers

I. OVERVIEW The U.S. Food & Drug Administration (“FDA”) has increased its focus on mitigating cybersecurity risks in medical device software. On June 24, 2021, the FDA issued two documents that are important not only for entities that service or remanufacture medical devices (“servicers” and “remanufacturers,” respectively), but also original equipment…

Read More

NYDFS Issues Ransomware Guidance Aimed at Combatting Rising Cyber Threats

The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June 30, 2021 the New York Department of Financial Services (“NYDFS”) issued new ransomware guidance of its…

Read More