Author

The SEC’s new cybersecurity rules for public companies became effective on December 18, 2023. The rules require disclosure of a cybersecurity event within four business days of a determination that it…

On November 7, 2023, the profilic ransomware group AlphV (a/k/a “BlackCat”) reportedly breached software company MeridianLink’s information systems, exfiltrated data and demanded payment in exchange for not publicly releasing the…

On October 27, 2023, the Federal Trade Commission (“FTC”) approved an amendment (“Amended Rule”) to the Standards for Safeguarding Customer Information (the “Safeguards Rule”) that will require non-banking financial institutions…

On October 16, 2023, the SEC’s Division of Examinations (“EXAMS”) issued its 2024 Examination Priorities (the “2024 Priorities”).  The 2024 Priorities reflect the Commission’s continued scrutiny of information security and…