SEC Adopts New Cybersecurity Rule

Share

On July 26, the Securities and Exchange Commission (“SEC”) finalized a much anticipated rule addressing cybersecurity risk management, strategy, governance, and incident disclosure. Public companies registered with the SEC will soon be required to report material cybersecurity incidents within four business days of determining the incident to be material and to make periodic disclosures regarding cybersecurity risk management, strategy, and governance.

Continue reading “SEC Adopts New Cybersecurity Rule”

Congress Passes New Cyber Incident and Ransomware Payment Reporting Legislation

Share

The United States Congress recently passed legislation that includes new cybersecurity provisions requiring critical infrastructure providers to report cyber security incidents, including the payment of ransom, to the federal government. The bill, also known as the “Strengthening American Cybersecurity Act of 2022,” passed the Senate by unanimous vote on March 1. It then passed the House of Representatives and was signed into law by President Biden on March 15, 2022.

Continue reading “Congress Passes New Cyber Incident and Ransomware Payment Reporting Legislation”

FTC Warns Companies to Fix Vulnerabilities Associated with Log4j

Share

The Federal Trade Commission (FTC) recently warned private entities to remediate any ongoing Log4j vulnerabilities present within their networks or face possible enforcement action.

Log4j is used to record activities in a wide range of systems, sites, and software found in online products and services. Recently, a serious vulnerability in this popular software was discovered. This vulnerability poses a severe risk to millions of users. Most importantly, the Log4j vulnerability is being widely exploited by a growing set of attackers.

Continue reading “FTC Warns Companies to Fix Vulnerabilities Associated with Log4j”

Capping Cyber Casualties: Steps to Avoid Cyberattacks Flowing From Hostilities in Ukraine

Share

Recognizing that cyberattacks have already commenced and could spread beyond the Russian-Ukrainian battlefield, organizations can take several steps to protect themselves. They can recognize the risk. Then organizations can assess likely cyber threats and vulnerabilities, build resilience and take preventive actions, to avoid becoming another casualty in a conflict that already has too many.

Continue reading “Capping Cyber Casualties: Steps to Avoid Cyberattacks Flowing From Hostilities in Ukraine”

SEC Proposes New Cybersecurity Risk Management Rules for Registered Investment Advisers, Registered Investment Companies and Business Development Companies

Share

The Securities and Exchange Commission voted to propose cybersecurity rules that, if adopted, would require investment advisers and funds to implement written policies and procedures to address cybersecurity risk, and would create new reporting, disclosure and record keeping obligations.

Continue reading “SEC Proposes New Cybersecurity Risk Management Rules for Registered Investment Advisers, Registered Investment Companies and Business Development Companies”

U.S. Cybersecurity Officials Issue New Warning Regarding Threats to Critical Infrastructure

Share

On January 11, 2022, the U.S. Department of Homeland Security’s Cyber Security and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint advisory, warning of an increasing cybersecurity threat posed by Russian state-backed threat actors to U.S. critical infrastructure.

Continue reading “U.S. Cybersecurity Officials Issue New Warning Regarding Threats to Critical Infrastructure”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy