In July, we previewed the new rules adopted by the Securities and Exchange Commission (“SEC”) for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure. Under these rules, Item 1.05 of…
Key takeaways from January include: Transparency about data processing and retention: In a reminder of the importance of transparency under the GDPR, and the need for companies to make their…
Key takeaways from December include: Concept of non-material damage under GDPR: In an expansive reading of the right to compensation under GDPR, a data subject’s fear that their personal data…
On Monday, February 12, 2024 from 11:00 am to 12:00 pm EST, Erez Liebermann and Martha Hirst from the Debevoise Data Strategy and Security Group will host the next in…
On December 19, 2023, Erez Liebermann and Martha Hirst from the Debevoise Data Strategy and Security Group hosted the first in a series of webcasts in connection with the release…
On December 1, 2023 partners from our Data Strategy & Security, Securities Enforcement, and Capital Markets practices discussed practice tips to implement the SEC’s new cybersecurity rules. Receive the full…
On Tuesday, November 28 Avi Gesser, Erez Liebermann and Stephanie Thomas of the Debevoise Data Strategy and Security group hosted a webcast that examined the final amendments to Cybersecurity Regulation, 23…
On October 16, 2023, the SEC’s Division of Examinations (“EXAMS”) issued its 2024 Examination Priorities (the “2024 Priorities”). The 2024 Priorities reflect the Commission’s continued scrutiny of information security and…
On July 26, 2023, the SEC adopted long-anticipated final rules on cybersecurity risk management, strategy, governance and incident disclosure for issuers (“Final Rules”). We summarized the key obligations under the…
On June 28, 2023, the New York Department of Financial Services (“NYDFS”) announced its Revised Proposed Second Amendment to its Cybersecurity Regulation, 23 NYCRR Part 500 (the “Revised Amendment” or…