On July 8, 2022, the U.S. Department of Justice (the “DOJ”) announced that Aerojet Rocketdyne (“Aerojet”), a California-based aerospace and defense contractor, agreed to pay $9 million to resolve allegations…
On April 19, 2022, Kristin Snyder and Charu Chandrasekhar of Debevoise’s White Collar & Regulatory Defense Group, and Avi Gesser and HJ Brehmer of Debevoise’s Data Strategy & Security Group…
On March 15, 2022, President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Act”) into law, requiring critical infrastructure entities to report covered cybersecurity incidents…
On February 9, 2022, the SEC released its much-anticipated proposed rules relating to cybersecurity risk management, incident reporting, and disclosure for investment advisers and funds. Many of the proposals follow…
On January 24, 2022, SEC Chair Gary Gensler gave a speech on cybersecurity rulemaking to the Annual Securities Regulation Institute, outlining a number of key points he expects the SEC…
In June 2020, Debevoise’s Data Strategy and Security practice group launched the Debevoise Data Blog, where we regularly publish our insights on developments and trends in cybersecurity, artificial intelligence, and…
On November 15, 2021, President Biden signed the Infrastructure Investment and Jobs Act into law, authorizing $1.2 trillion for infrastructure spending, including approximately $2 billion for various federal cybersecurity projects.…
On October 13, the annual Securities and Exchange Commission Speaks seminar concluded with presentations from the Examination, Enforcement, and Investment Management divisions. As SEC regulated entities (including publicly traded companies,…
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an updated advisory (the “Advisory”) on sanctions risks associated with payments to threat…