On March 2, 2023, the White House Office of the National Cyber Director (“ONCD”) released the Biden Administration’s (the “Administration”) long-awaited National Cybersecurity Strategy (the “Strategy”), the first since the…
The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the Practising Law Institute’s 2023 edition of the Privacy Law Answer Book, a user-friendly guide to the laws and…
On December 5, 2022, the Securities and Exchange Commission (the “SEC”) Division of Examinations (“EXAMS”) published a Risk Alert providing observations from recent examinations relating to investment adviser and broker-dealers’…
One of the most difficult challenges for cybersecurity professionals is the increasing complexity of corporate systems. Mergers, vendor integrations, new software tools and remote work all expand the footprint of…
On July 27, 2022, the Securities and Exchange Commission (“SEC”) separately charged three financial institutions with violations of Rule 201 of Regulation S-ID (“Reg S-ID”), also known as the Identity…
On December 7, 2021, the New York Department of Financial Services (“DFS”) released new guidance on multifactor authentication (“MFA”), indicating that it is increasing its review of MFA during examinations,…