On March 9, 2023, the U.S. Securities and Exchange Commission announced settled administrative charges against Blackbaud Inc.
Continue Reading SEC Brings Cyber Disclosure Enforcement Action
Ransomware
White House Releases National Cybersecurity Strategy
On March 2, 2023, the Biden-Harris Administration announced the release of the National Cybersecurity Strategy.
Continue Reading White House Releases National Cybersecurity Strategy
Claimant to Maintain Anonymity in English High Court Cyber Attack Case
On December 20, 2022, the English High Court has granted the victim of a cyber attack a permanent injunction against cyber attackers whilst the victim organization maintains its anonymity.
Continue Reading Claimant to Maintain Anonymity in English High Court Cyber Attack Case
NYDFS Amends Cybersecurity Rules for Financial Services Companies
On November 9, 2022, the New York Department of Financial Services released their second amendments to their Part 500 Cybersecurity Rules.
Continue Reading NYDFS Amends Cybersecurity Rules for Financial Services Companies
TSA Issues New Railroad Cybersecurity Requirements
On October 18, 2022, the Transportation Security Administration issued a new cybersecurity directive requiring passenger and freight railroad carriers to create plans for responding to cybersecurity incidents. …
Continue Reading TSA Issues New Railroad Cybersecurity Requirements
Biden-Harris Administration Statement on Cybersecurity in America
On October 11, 2022, the Biden-Harris Administration released an informational statement about the current administrations’ progress in strengthening America’s national cybersecurity. …
Continue Reading Biden-Harris Administration Statement on Cybersecurity in America
Cyber Incident Reporting for Critical Infrastructure Act
The Cybersecurity and Infrastructure Security Agency released a Request for Information seeking public input regarding the recently passed Cyber Incident Reporting for Critical Infrastructure Act of 2022. …
Continue Reading Cyber Incident Reporting for Critical Infrastructure Act
Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs
On July 29, 2022, the New York Department of Financial Services posted proposed amendments to its Cybersecurity Requirements for Financial Services Companies. This blog entry provides highlights of the amendments.
Continue Reading Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs
Florida Enacts Law Prohibiting State Agencies from Paying Cyber Ransoms
On July 1, 2022, amendments to Florida’s State Cybersecurity Act took effect, imposing certain ransomware reporting obligations on state agencies, counties and municipalities and prohibiting those entities from paying cyber ransoms. …
Continue Reading Florida Enacts Law Prohibiting State Agencies from Paying Cyber Ransoms
NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches
On June 24, 2022, the New York State Department of Financial Services announced it had entered into a $5 million settlement with Carnival Corp., the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. …
Continue Reading NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches