International

Singapore Cybersecurity Agency Publishes Guidelines on Securing AI Systems

October 18, 2024 By Kristen Bartolotta

On October 15, 2024, the Cyber Security Agency of Singapore (“CSA”) published Guidelines on Securing AI Systems (the “Guidelines”) alongside a Companion Guide for Securing AI Systems (the “Companion Guide”), which is intended to serve as support for the Guidelines. In its announcement, the CSA states that while artificial intelligence (“AI”) offers significant benefits for […]

Green Light for the Enforcement of NIS 2 in Limited EU Countries Only

October 17, 2024 By Wim Nauwelaerts, Kelly Hagedorn and Alice Portnoy

EU Member States had until today, October 17, 2024, to transpose the Network and Information Security (NIS) 2 Directive into their national laws. As Directives are not directly applicable in EU Member States, the EU legislator required all 27 Member States to incorporate into their local laws the requirements of NIS 2 and to make […]

EDPB Adopts Opinion on the Use of Processors and Sub-processors

October 11, 2024 By Kelly Hagedorn

On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised application of the EU GDPR across the European Economic Area (“EEA”) and is comprised of the heads of the data […]

DOJ Unseals Indictment of Evil Corp Member, While OFAC Announces New Evil Corp Sanctions

October 9, 2024 By Kim Peretti, Kelly Hagedorn and Andrew Rice

On October 1, 2024, the Department of Justice (“DOJ”) unsealed an indictment against Aleksandr Viktorovich Ryzhenkov (Александр Викторович Рыженков), a member of the ransomware group Evil Corp. The indictment charges Ryzhenkov with several violations of the Computer Fraud & Abuse Act, as well as conspiring to commit money laundering, arising from his use of a […]

DOJ Continues to Investigate and Prosecute North Korean IT Worker Fraud Scheme

August 16, 2024 By Kim Peretti and Andrew Rice

On Thursday, August 8, 2024, the United States Department of Justice (“DOJ”) announced that it had charged a Nashville man for his alleged role in assisting the Democratic People’s Republic of Korea (“DPRK” or “North Korea”) with a scheme designed to funnel money from legitimate U.S. based businesses through fraudulently hired remote IT workers. The […]