On January 24, 2022, SEC Chair Gary Gensler gave a speech on cybersecurity rulemaking to the Annual Securities Regulation Institute, outlining a number of key points he expects the SEC…
Be prepared for increasing scrutiny from the Federal Trade Commission (“FTC”) and other regulators regarding the Log4j vulnerability. The attention of the cybersecurity community has been captured by the recently…
On December 7, 2021, the New York Department of Financial Services (“DFS”) released new guidance on multifactor authentication (“MFA”), indicating that it is increasing its review of MFA during examinations,…
On November 15, 2021, President Biden signed the Infrastructure Investment and Jobs Act into law, authorizing $1.2 trillion for infrastructure spending, including approximately $2 billion for various federal cybersecurity projects.…
On November 8, 2021, the U.S. Department of the Treasury (“Treasury”) announced a new set of sanctions against criminal ransomware actors, the virtual currency exchange Chatex, and three companies providing…
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an updated advisory (the “Advisory”) on sanctions risks associated with payments to threat…
Earlier this week, Debevoise published an overview of the SEC’s Division of Examination Priorities for 2021. Today, we’re taking a deeper dive into one aspect of those priorities: cybersecurity as it…
Ransomware attacks continue to plague businesses across the globe. As companies enhance their defenses, attackers increase the sophistication of their software and its deployment. Ransomware attacks used to be limited…