Kate Hanniford

About Kate Hanniford

Kate Hanniford is a partner with Alston & Bird’s Privacy, Cyber & Data Strategy Team. . She focuses her practice on cybersecurity counseling, as well as federal securities law compliance, enforcement, and litigation.

[Read Bio]

SEC 2025 Examination Priorities Indicate Sustained Focus on Cybersecurity & Data Protection

October 28, 2024 By Kate Hanniford and Kristen Bartolotta

The SEC has released its Examination Priorities: Fiscal Year 2025 (“Examination Priorities”), which may be a useful roadmap to SEC-registered investment advisers, exchanges, and other entities subject to routine examination by the SEC Division of Examinations (“EXAMS”). The Examination Priorities represent the EXAMS Staff’s identification of areas of heightened risks to investors and/or the integrity […]

President Biden Signs First National Security Memorandum Focused on AI

October 27, 2024 By Kim Peretti, Kate Hanniford, Kellen Dwyer and Daniel Felz

On October 24, 2024, President Biden signed the first-ever National Security Memorandum (“NSM”) focused on artificial intelligence (“AI”), pursuant to subsection 4.8 of Executive Order 14110. The NSM provides guidance on developing, employing, and strengthening AI usage within the federal government. The NSM outlines three main objectives which serve as guideposts in directing the U.S. […]

NYDFS Issues Guidance on Artificial Intelligence-related Cybersecurity Risks

October 17, 2024 By Kim Peretti, Kate Hanniford, Ashley Miller, Lance Taubin and Colton Jackson

On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued an industry letter covering Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Industry Letter”). The Industry Letter contains guidance for entities regulated by NYDFS (“Covered Entities”) in assessing and responding to cybersecurity risks related to the use […]

NYDFS Releases Industry Letter on the Use of Self-Service Password Reset Feature

January 23, 2024 By Kim Peretti, Kate Hanniford, Lance Taubin, Ashley Miller and Colton Jackson

On January 12, 2024, the New York State Department of Financial Services (“NYDFS”) released a new Industry Letter on the use of self-service password reset (“SSPR”) services, which enable users to reset their own password without the assistance of help desk or IT professionals. The Industry Letter discusses the risks associated with the use of […]

NYDFS Releases Consent Order in First Enforcement Action Brought Under the Cybersecurity Regulations

December 18, 2023 By Kate Hanniford, Lance Taubin, Ashley Miller and Kristen Bartolotta

After a three-year investigation/enforcement action by the New York Department of Financial Services (“NYDFS”), NYDFS entered into a Consent Order with a large title insurer (the “Company”) for its violation of NYDFS’s Cybersecurity Regulation (23 NYCRR Part 500) (the “Regulation”), specifically, its failure to protect non-public information (“NPI”). NYDFS originally brought the enforcement action in […]