On November 2, members of our Data Security & Strategy and White Collar & Regulatory Defense teams hosted a webcast on the SEC’s Cybersecurity Year in Review 2021. The panelists,…
Several recent developments have caused companies to review their whistleblower policies and procedures, especially in the areas of cybersecurity and artificial intelligence (“AI”). First, on October 28, 2021, New York…
Debevoise’s Data Strategy & Security practice has launched its Debevoise Data Portal. The Portal, which had been in beta testing since June 2020 with a select group of users, is…
On October 13, the annual Securities and Exchange Commission Speaks seminar concluded with presentations from the Examination, Enforcement, and Investment Management divisions. As SEC regulated entities (including publicly traded companies,…
Almost everyone working in cybersecurity compliance is aware that each U.S. state has its own set of breach notification requirements. What is less known is that many of these states…
The U.S. Securities and Exchange Commission this week took the rare step of penalizing a company for its allegedly poor disclosure of a cyber incident. The SEC announced a $1…
Earlier this year, we wrote about the SEC’s cybersecurity priorities. Since then, the SEC announced a settlement with First American Title Insurance and Services (“First American”) for violating Rule 13a-15(a)…
Companies face increasing risk to their operations resulting from a cyber breach of a critical vendor. We have recently written about creating a sensible cybersecurity and AI risk framework for…
Our three previous articles in this series on the future of AI regulation have discussed the RFI on AI issued by U.S. banking regulators, the draft EU AI regulation, and…
In our first post in this series on the future of AI regulation, we discussed the recent request for information (“RFI”) from U.S. federal banking regulators on the use of…