The regulation of cybersecurity remains a new and rapidly evolving space — and regulatory activity and priorities can be somewhat opaque to outside observers. In this special episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss shares a discussion led by Faegre Drinker’s Peter Baldwin, who sat down with Brent Wilner, senior advisor to the Securities and Exchange Commission’s (SEC) Cyber Unit, and Justin Herring, leader of the New York Department of Financial Services’ (NYDFS) Cybersecurity Division. The two guests share their insights on each agency’s priorities in cybersecurity, data protection and enforcement.

The conversation covers a number of questions, including:

• How did these two agencies — the SEC and the NYDFS — get more involved in cybersecurity regulation?
• On what basis does the SEC bring enforcement actions? What regulations does the SEC regularly invoke? What theories of enforcement does the SEC follow?
• How does the NYDFS determine its enforcement priorities will be in this type of space?
• Inevitably, there is overlap in regulatory activity between an agency like the SEC and the NYDFS. To what extent do you work in tandem with other regulatory and law enforcement agencies? How do those relationships work?
• Cybersecurity is a rapidly evolving space. How do you see your regulatory and enforcement priorities evolving?

About the Author: Jason G. Weiss

Jason G. Weiss leverages a past career as a cybersecurity and computer forensics professional with more than 22 years of decorated service at the FBI to guide clients through the complex and high-stakes issues associated with cybersecurity incident preparedness and response and compliance. View Jason's full bio on the Faegre Drinker website.

About the Author: Peter Baldwin

Peter Baldwin draws on his experience as a former federal prosecutor to counsel clients facing government investigations and cybersecurity issues. View Peter's full bio on the Faegre Drinker website.