As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2022 by page views. If you are not already…
Key takeaways this November include: EU Digital Operation Resilience Act: Financial services firms – including banks, insurers and private equity firms – should start assessing what they will need to…
On November 9, 2022, the New York Department of Financial Services (the “NYDFS”) announced the publication of the official proposed amendments to its 2017 Cybersecurity Regulation 23 NYCRR 500 (the “Proposed Amendments”). The 60-day…
On 28 November 2022, the European Union finalised the EU Digital Operational Resilience Act (“DORA”). Following a two year implementation period, DORA will impose far-reaching operational resilience requirements and management…
European Data Protection Roundup – September 2022 Key takeaways this September include: Google Analytics: Continue to assess carefully the use of Google Analytics. The Danish Data Protection Agency became the…
Companies face increasing cybersecurity and AI risk from third-party vendors. Cybersecurity risks arise when companies share sensitive personal data or company information with their vendors or when their vendors have…
Throughout September, companies, regulators and policymakers have continued to respond to the fallout from Schrems II. Since our last update we have also seen the second largest fine to date…