On July 26, 2023, the SEC adopted long-anticipated final rules on cybersecurity risk management, strategy, governance and incident disclosure for issuers (“Final Rules”). We summarized the key obligations under the…
On July 26, 2023, the SEC adopted the long-anticipated final rules on cybersecurity risk management, strategy, governance, and incident disclosure for issuers. The new rules are part of the SEC’s larger efforts focused…
On June 28, 2023, the New York Department of Financial Services (“NYDFS”) announced its Revised Proposed Second Amendment to its Cybersecurity Regulation, 23 NYCRR Part 500 (the “Revised Amendment” or…
On Friday, July 7th, 2023, Eric Dinallo, Avi Gesser, Erez Liebermann, Marshal Bozzo, and Stephanie Thomas hosted a webcast that examined the Revised Proposed 2nd Amendment to the Part 500…
On April 19, 2023, the New York Attorney General (the “NYAG”) published new guidance (the “Guide”) recommending security measures for companies entrusted with consumers’ personal information. The Guide supplements the…
On Thursday, June 22 at 10:25 AM (EDT), Erez Liebermann will speak on a panel entitled Policies and priorities to strengthen resilience at the Financial Times Cyber Resilience Summit: Technology…
Big businesses, especially those with a global footprint and operating in regulated sectors, are increasingly confronted with new and diverging cyber incident reporting requirements. A single incident—even a relatively minor…
On May 18, 2023 Debevoise & Plimpton hosted the Second Annual Cyber Counsel Conference. Peers on cyber legal teams gathered for a day of candid conversation, exclusive guests and lots…
Luke Dembosky, Erez Liebermann and Jim Pastore have been named to Cybersecurity Docket’s “Incident Response 50” list for 2023. The list recognizes the “50 best incident response legal and compliance…
Debevoise & Plimpton LLP announced today that Matthew Kelly has joined the firm’s New York office as counsel and a member of its award-winning Data Strategy & Security Group. Mr. Kelly will…