Cyber Risk

Germany’s Cyber Threat Landscape – Top 3 Lessons from the BKA Situation Report

August 1, 2022 By Daniel Felz

Germany boasts one of the world’s largest, most sophisticated, and international economies. Companies doing business in Germany are thus an increasingly relevant target for cyberattacks. Germany‘s Federal Criminal Police Office (Bundeskriminalamt or BKA) is the federal law enforcement agency charged with investigating cybercrime, and for coordinating federal-state cooperation in cybercrime matters. The BKA recently published […]

Recent Updates in Two Closely-Watched Cybersecurity and Privacy-Related Securities Fraud Class Actions

April 4, 2022 By Sierra Shear, Cara Peterman and Privacy, Cyber & Data Strategy Team

Observers have been awaiting decisions in a number of cybersecurity and privacy securities fraud class actions with potentially important implications for corporate liability. Over the last several weeks, critical developments emerged in two such cases: the defendants’ motion to dismiss was granted in part and denied in part in In re Zoom Securities Litigation, and […]

White House Releases Recommendations to Protect Against Potential Cyberattacks

March 22, 2022 By Kristen Bartolotta and Privacy, Cyber & Data Strategy Team

The potential for malicious cyber activity has been a concern for the Biden administration throughout the evolving crisis in Ukraine (including the imposition of sanctions against Russia). In response to the concern, the Biden administration, which is now facing “evolving intelligence that Russia may be exploring options for potential cyberattacks,” has released recommendations for companies […]

SEC Proposed Rule Will Require Private Funds to Report Certain Cyber Events

January 31, 2022 By Kate Hanniford and Alysa Austin

On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund and private fund disclosure requirements and increase regulators’ visibility into the private funds industry. The proposed rules would amend the SEC’s Form PF, the confidential reporting form by which private funds disclose regulatory assets to the SEC, […]

FTC Releases Warning to Companies that Fail to Mitigate Log4j Vulnerability

January 5, 2022 By Alysa Austin and Privacy, Cyber & Data Strategy Team

Less than a month ago, a critical vulnerability was identified in the ubiquitous, open source Log4j tool prompting swift guidance from Cybersecurity and Infrastructure Security Agency (CISA) and other security practitioners. Now, the Federal Trade Commission (FTC) has warned companies that it “intends to use its full legal authority” against any company that fails to […]