Erez Liebermann – Page 2 – Debevoise Data Blog

Artificial Intelligence

Part 2 – Helpful Guidance on Managing (Non-Cybersecurity) AI Risks from Hong Kong’s SFC

By: Luke Dembosky, Avi Gesser, Gareth Hughes, Erez Liebermann, Matt Kelly, Emily Lam and Suchita Mandavilli Brundage November 21, 2024

In Part 1 of this series, we discussed the recent Circular and accompanying Appendix issued by Hong Kong’s Security and Futures Commission (the “SFC”) on cybersecurity risks and mitigations related…

Artificial Intelligence

Helpful Guidance on Managing AI-Related Cybersecurity Risks from Hong Kong’s SFC

By: Avi Gesser, Erez Liebermann, Luke Dembosky, Gareth Hughes, Matt Kelly, Emily Lam and Suchita Mandavilli Brundage November 18, 2024

On November 12, 2024, Hong Kong’s Security and Futures Commission (the “SFC”) issued a Circular (the “Circular”) with an accompanying appendix (the “Appendix”) setting out the SFC’s view of the…

Compliance

Part 500, One Year Later (Part Two) – Defining “Material Compliance”

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Stephanie Thomas and Joshua A. Goland November 13, 2024

November 1, 2024 marked the one-year anniversary of the second amendment to the New York Department of Financial Services’ (“NYDFS” or the “Department”) Cybersecurity Regulation (the “Regulation” or “Part 500”).…

Data Transfers

Biden Administration Proposes to Limit Access to Sensitive Personal Data by Countries of Concern

By: Satish Kini, Rick Sofield, Erez Liebermann, Robert Dura, Taylor Richards, Stephanie Thomas, Jordan Corrente Beck and Yair Strachman November 6, 2024

The Department of Justice (“DOJ”) has moved ahead with its effort to protect Americans’ sensitive personal data and U.S. government data from exploitation by countries of concern or related covered…

Compliance

Cyber Whistleblower Leads to DOJ Civil Settlement

By: Avi Gesser, Luke Dembosky, Andrew M. Levine, Erez Liebermann, Jim Pastore, Stephanie Cipolla and Michelle Shen November 4, 2024

On October 22, 2024, the U.S. Department of Justice (“DOJ”) announced that The Pennsylvania State University (“Penn State”), a public university in University Park, Pennsylvania, agreed to pay $1.25 million…

Artificial Intelligence

Webcast – Tips on Managing Cybersecurity Risks Arising from AI – New Guidance from the NYDFS

By: Charu A. Chandrasekhar, Luke Dembosky, Avi Gesser and Erez Liebermann October 30, 2024

On November 8th, Avi Gesser, Luke Dembosky, Erez Lieberman, and Charu Chandrasekhar from the Debevoise Data Strategy and Security Group discussed the recent NYDFS Industry Letter providing guidance on assessing…

Cybersecurity

NYDFS Part 500, One Year Later (Part One) – New Requirements Effective November 1, 2024

By: Avi Gesser, Erez Liebermann, Stephanie Thomas and Joshua A. Goland October 30, 2024

November 1, 2024, marks the one-year anniversary of the second amendment to the New York Department of Financial Services’ (“NYDFS” or the “Department”) Cybersecurity Regulation (the “Regulation” or “Part 500”).…

Enforcement

SEC Charges Four Companies for Misleading Cyber Disclosures

By: Andrew J. Ceresney, Charu A. Chandrasekhar, Luke Dembosky, Erez Liebermann, Benjamin R. Pedersen, Julie M. Riewe, Matt Kelly, Anna Moody, Kelly Donoghue, Ciera Mandelsberg and Noah L. Schwartz October 28, 2024

On October 22, 2024, the U.S. Securities and Exchange Commission (the “SEC”) announced settled charges in separate actions against four technology companies—Avaya Holdings Corp. (“Avaya”), Check Point Software Technologies Ltd.…

Cybersecurity

Making Tabletop Exercises Worth the Time and Resources

By: Luke Dembosky, Erez Liebermann, Stephanie Cipolla and Melyssa Eigen October 25, 2024

When a company is hit by a cyber attack, normal business gives way to the chaos of managing the investigation, operational disruptions, legal issues, and communications with customers, employees, vendors,…