Lance Taubin

About Lance Taubin

Lance Taubin advises clients on cybersecurity and data privacy issues, including cybersecurity breach preparedness and response, cybersecurity and privacy compliance and enforcement, managing cyber risk, technology transactions, and M&A diligence.

[Read Bio]

NYDFS Issues Frontier AI Advisory and Guidance for Heightened Cyber Threat Environment

May 26, 2026 By Kim Peretti, Ashley Miller, Lance Taubin and Taylor Veracka

On May 21, 2026, the New York Department of Financial Services (“NYDFS”) issued two Industry Letters to the organizations it regulates (“Regulated Entities”): “Heightened Cybersecurity Risks Associated with Frontier AI Models” (the “Advisory”) and “Guidance on Measures Regulated Entities Should Consider in a Heightened Cybersecurity Threat Environment” (the “Guidance”) (collectively, the “Letters”). The Letters discuss […]

NYDFS Revises Prescriptive FAQs on Multifactor Authentication

March 5, 2026 By Kim Peretti, Lance Taubin and Ashley Miller

Two months after the New York Department of Financial Services (“NYDFS”) updated its Frequently Asked Questions (“FAQs”), which we wrote about here, NYDFS has released updated FAQs on multifactor authentication (“MFA”) that further clarify 23 NYCRR § 500.12. As we previously reported, the FAQs from December 2025 provided prescriptive guidance, including clarifications on technical requirements […]

CISA Revives CIRCIA Rulemaking

March 2, 2026 By Kim Peretti and Lance Taubin

Almost two years after seeking stakeholder input about a final rule under the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), the Cybersecurity and Infrastructure Security Agency (CISA) announced that it will hold virtual town hall meetings for certain industry sectors in March and April 2026 to solicit additional input on the Notice […]

FBI Launches Operation Winter SHIELD in Effort to Advance Cyber Resilience Across Critical Sectors

February 4, 2026 By Kim Peretti and Lance Taubin

On January 28, 2026, the Federal Bureau of Investigation (FBI) announced the launch of Operation Winter SHIELD, a coordinated initiative designed to promote adoption of core defensive measures that are shown to mitigate common intrusion vectors. Operation Winter SHIELD identifies ten priority actions the FBI views as important in improving organizational cyber resilience. The FBI […]

DOJ Cybersecurity Enforcement Pace Shows No Signs of Slowing Down Going Into 2026

January 20, 2026 By Kim Peretti, Andrew Liebler and Lance Taubin

As 2025 drew to a close, the United States Department of Justice (DOJ) announced significant developments in cases relating to the allegedly deficient cybersecurity practices of two Department of Defense (DoD) contractors. These two cases suggest that the federal government will continue to make DFARS 7012 compliance for companies that process Controlled Unclassified Information (CUI) […]