For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial institutions were subject to … [Read more] about Data Breach Notification Requirements under the Safeguards Rule Now in Effect
On July 1, 2024, the Tennessee Ensuring Likeness, Voice, and Image Security Act of 2024 (“ELVIS Act” or “the Act”) will go into effect, bolstering the limitations on the unauthorized commercial use of an individual’s voice. The Act, which amends the … [Read more] about Tennessee Law Designed to Combat Deepfakes Set to Take Effect in July
On May 22, 2024, the Director of the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued further guidance regarding disclosure of cybersecurity incidents on Form 8-K. The statement builds … [Read more] about SEC Corporation Finance Director Clarifies that Form 8-K Item 1.05 Disclosures Should be Limited to “Material” Cybersecurity Incidents
On May 7, 2024, the United States unsealed an indictment against Dmitry Yuryevich Khoroshev, one of the leaders of the Russian-based ransomware group LockBit, for his alleged involvement in developing and distributing the LockBit ransomware. … [Read more] about LockBit Takedown Indicates Shifting DOJ Cyber Strategy and Has Implications for Ransomware Victims
Earlier this year, the National Institute of Standards and Technology (NIST) issued an update to its Cybersecurity Framework (CSF) with the release of version 2.0, the first update since April 2018 (version 1.1). While the core components of CSF … [Read more] about NIST Cybersecurity Framework 2.0 Prioritizes Governance and Flexibility