Search Results for: ransomware

NYDFS Releases Significant Enhancements to its Cybersecurity Regulation in the Proposed Second Amendment

November 18, 2022 By Kim Peretti, Kate Hanniford, Ashley Miller and Lance Taubin

The New York Department of Financial Services (“DFS”) released their proposed second amendment to the Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Second Amendment”) on October 9, 2022. DFS issued a minor amendment on April 2, 2020, revising the certification of compliance date (from February to April). The Proposed Second Amendment follows DFS’s “pre-proposed” draft […]

UK’s National Cyber Security Centre Releases 2022 Annual Review

November 7, 2022 By Kim Peretti and Kristen Bartolotta

The United Kingdom’s National Cyber Security Centre (NCSC) recently released its 2022 Annual Review, which reports on the state of cyber security threats in the country. As the UK’s technical authority for cyber security, the NCSC releases an annual report covering the cyber threats from the prior 12 months as well as analysis of potential […]

CSBS Releases Cybersecurity Programs to Help Nonbank Financial Services Institutions Improve Cybersecurity Posture

September 28, 2022 By Kim Peretti, Nanci Weissgold, Lance Taubin and Privacy, Cyber & Data Strategy Team

On August 9, 2022, the Conference of State Bank Supervisors (CSBS) released two cybersecurity tools for nonbank financial services institutions to help prepare for state cybersecurity exams and, ultimately, improve cybersecurity maturity. Developed by a multi-state team of cybersecurity examination experts, the Baseline Nonbank Cybersecurity Exam Program and the Enhanced Nonbank Cybersecurity Exam Program (the […]

SEC Sends a Message to Investment Advisers: Take Secure Data Disposal Seriously

September 26, 2022 By Kate Hanniford

On September 20, 2022, the Securities and Exchange Commission (SEC) settled an enforcement action with a large, registered investment adviser (the Firm) for alleged violations of the Safeguards Rule and the Disposal Rule of Regulation S-P that arose in the context of a data disposal process, imposing a $35 million penalty. Specifically, the SEC […]

Germany’s Cyber Threat Landscape – Top 3 Lessons from the BKA Situation Report

August 1, 2022 By Daniel Felz

Germany boasts one of the world’s largest, most sophisticated, and international economies. Companies doing business in Germany are thus an increasingly relevant target for cyberattacks. Germany‘s Federal Criminal Police Office (Bundeskriminalamt or BKA) is the federal law enforcement agency charged with investigating cybercrime, and for coordinating federal-state cooperation in cybercrime matters. The BKA recently published […]