Kate Hanniford

About Kate Hanniford

Kate Hanniford is a partner with Alston & Bird’s Privacy, Cyber & Data Strategy Team. . She focuses her practice on cybersecurity counseling, as well as federal securities law compliance, enforcement, and litigation.

[Read Bio]

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect Today

May 1, 2025 By Kim Peretti, Kate Hanniford, Scott Hilsen, Lance Taubin and Andrew Rice

Today, on May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take effect. Although the Second Amendment was originally adopted in November of 2023, NYDFS established a multi-year rollout of the Second Amendment’s requirements, […]

Congress Seeks Comments on Comprehensive Federal Data Privacy Law

February 25, 2025 By Jennifer Pike, Jennifer Everett, Kate Hanniford and Evan Collier

Since the first comprehensive state data privacy law went into effect in California in 2020, 18 other states have enacted comprehensive data privacy laws, with 14 others currently moving through their respective state legislative process. The proliferation of such state laws is happening at a breakneck pace, and leaving in their wake regulated entities who […]

Last Minute Biden Cybersecurity and Artificial Intelligence Executive Orders Survive Initial Trump Revocations

January 25, 2025 By Kim Peretti, Kate Hanniford, Daniel Felz, Alysa Austin and Andrew Rice

In the final week of the Biden Administration’s term in office, former President Biden issued two high profile executive orders that could have significant ramifications for the cybersecurity and technology industries. The first, issued on January 14, 2025, is an “Executive Order on Advancing United States Leadership in Artificial Intelligence Infrastructure” (the “AI Infrastructure Order”). […]

Texas AG Files Complaint Against Major Insurance Company Regarding Data Practices

January 21, 2025 By Jennifer Everett, Kate Hanniford and Carson Kuck

The Texas Office of the Attorney General recently has become increasingly interested in the practices of organizations who collect and utilize consumer data. On January 13, 2025, the Attorney General of Texas, Ken Paxton, (the “Texas AG”) filed a complaint (the “Complaint”) against a large insurance entity and its subsidiary company (“Defendants”). The Complaint outlines […]

SEC 2025 Examination Priorities Indicate Sustained Focus on Cybersecurity & Data Protection

October 28, 2024 By Kate Hanniford and Kristen Bartolotta

The SEC has released its Examination Priorities: Fiscal Year 2025 (“Examination Priorities”), which may be a useful roadmap to SEC-registered investment advisers, exchanges, and other entities subject to routine examination by the SEC Division of Examinations (“EXAMS”). The Examination Priorities represent the EXAMS Staff’s identification of areas of heightened risks to investors and/or the integrity […]