Earlier this week, Debevoise published an overview of the SEC’s Division of Examination Priorities for 2021. Today, we’re taking a deeper dive into one aspect of those priorities: cybersecurity as it…
On January 12, Judge James Boasberg of the U.S. District Court for the District of Columbia granted plaintiff Guo Wengui’s motion to compel production of a report (the “Report”)—and related…
California voters have approved the new California Privacy Rights Act (“CPRA”). The margin was 56% – 44% – comfortable, if significantly tighter than pre-election polling that showed CPRA winning in…
Earlier this year, we shared a list of 13 technical and nontechnical measures companies can adopt to mitigate the risks of ransomware attacks. With ransomware and other malicious cyber-related attacks…
We’ve noticed that people seemed more determined than usual this year to really unplug during their vacations. That was no doubt a healthy reaction to months of pandemic-related stress. For…
As covered in our previous blog post, the CJEU has invalidated the EU-U.S. Privacy Shield for cross-border transfers of personal data from the EU to the U.S. (the “Schrems II”…
The New York State Department of Financial Services (“DFS”) issued a Statement of Charges and Notice of Hearing (the “Charges”) earlier today against First American Title Insurance Company (“First American”) for…
On July 7, 2020, Avi Gesser and Mengyi Xu from Debevoise’s Data Strategy & Security Group, along with their special guests, Luke Tenery and Joe Shepley of Ankura, had a…
Ransomware attacks continue to plague businesses across the globe. As companies enhance their defenses, attackers increase the sophistication of their software and its deployment. Ransomware attacks used to be limited…
Introduction Much has been written recently on the increased cybersecurity and privacy risks that companies are facing. One of the most effective ways for organizations to mitigate those risks is…