Luke Dembosky – Page 5 – Debevoise Data Blog

Regulation

SEC Adopts New Cybersecurity Rules for Issuers – Part 2 Key Takeaways

By: Charu A. Chandrasekhar, Luke Dembosky, Avi Gesser, Matthew Kaplan, Erez Liebermann, Benjamin R. Pedersen, Paul Rodel, Steven J. Slutzky, Matt Kelly, Mengyi Xu, Kelly Donoghue, John Jacob, Amy Pereira, Chris Duff and Ned Terrace August 7, 2023

On July 26, 2023, the SEC adopted long-anticipated final rules on cybersecurity risk management, strategy, governance and incident disclosure for issuers (“Final Rules”). We summarized the key obligations under the…

Cybersecurity

SEC Adopts New Cybersecurity Rules for Issuers

By: Charu A. Chandrasekhar, Luke Dembosky, Avi Gesser, Matthew Kaplan, Erez Liebermann, Benjamin R. Pedersen, Paul Rodel, Steven J. Slutzky, Matt Kelly, Kelly Donoghue, John Jacob, Amy Pereira, Chris Duff and Mengyi Xu July 28, 2023

On July 26, 2023, the SEC adopted the long-anticipated final rules on cybersecurity risk management, strategy, governance, and incident disclosure for issuers. The new rules are part of the SEC’s larger efforts focused…

Cybersecurity

NYDFS Publishes Revised Amendments to Its Cybersecurity Regulation – What Got Fixed, and What Still Needs Fixing

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Stephanie Thomas and Ned Terrace July 10, 2023

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) announced its Revised Proposed Second Amendment to its Cybersecurity Regulation, 23 NYCRR Part 500 (the “Revised Amendment” or…

Cybersecurity

Lessons from The Financial Stability Board’s Report on Cyber Incident Reporting

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Kristin Snyder, Charu A. Chandrasekhar and Tristan Lockwood May 31, 2023

Big businesses, especially those with a global footprint and operating in regulated sectors, are increasingly confronted with new and diverging cyber incident reporting requirements. A single incident—even a relatively minor…

Cybersecurity

Debevoise & Plimpton Hosts Second Annual Cyber Counsel Conference

By: Luke Dembosky, Avi Gesser and Erez Liebermann May 24, 2023

On May 18, 2023 Debevoise & Plimpton hosted the Second Annual Cyber Counsel Conference. Peers on cyber legal teams gathered for a day of candid conversation, exclusive guests and lots…

Announcement

Luke Dembosky, Erez Liebermann and Jim Pastore named to Cybersecurity Docket’s “Incident Response 50” List for 2023

By: Luke Dembosky, Erez Liebermann and Jim Pastore May 4, 2023

Luke Dembosky, Erez Liebermann and Jim Pastore have been named to Cybersecurity Docket’s “Incident Response 50” list for 2023. The list recognizes the “50 best incident response legal and compliance…

Artificial Intelligence

Debevoise Adds Matthew Kelly to Data Strategy & Security Group, Further Bolstering Market-Leading AI and Cybersecurity Capabilities

By: Luke Dembosky, Avi Gesser and Erez Liebermann April 24, 2023

Debevoise & Plimpton LLP announced today that Matthew Kelly has joined the firm’s New York office as counsel and a member of its award-winning Data Strategy & Security Group. Mr. Kelly will…

Cybersecurity

A Late Winter Blizzard of SEC Cybersecurity Rulemaking: the Proposed BD Cybersecurity Rules and Expanded Reg S-P and Reg SCI Obligations

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Marc Ponchione, Julie M. Riewe, Jeff Robins, Kristin Snyder, Charu A. Chandrasekhar, Sheena Paul, Suchita Mandavilli Brundage, Michael R. Roberts, Mengyi Xu and Ned Terrace March 20, 2023

On March 15, 2023, the U.S. Securities and Exchange Commission (the “SEC”) released a suite of proposed new rules (the “Proposed Rules”) that include: Proposed new cybersecurity rules for broker-dealers,…

Cybersecurity

National Cybersecurity Strategy (Part 1): The White House Urges Private and Public Action

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Jim Pastore, Michael R. Roberts, Mengyi Xu, Noah L. Schwartz, Stephanie Thomas, Jarrett Lewis and Jacob Hochberger March 16, 2023

On March 2, 2023, the White House Office of the National Cyber Director (“ONCD”) released the Biden Administration’s (the “Administration”) long-awaited National Cybersecurity Strategy (the “Strategy”), the first since the…

Cybersecurity

Preparing for the SEC’s Cybersecurity Rules for Registered Investment Advisers, Registered Investment Companies, and Business Development Companies

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Julie M. Riewe, Kristin Snyder, Charu A. Chandrasekhar, Suchita Mandavilli Brundage and Jarrett Lewis March 13, 2023

In February 2022, the SEC proposed its first-ever cybersecurity rules for registered investment advisers (“RIAs”) (including RIAs to private funds) and Funds (which include registered investment companies (“RICs”) and closed-end…