Global Privacy & Security Compliance Law Blog

Tag Archives: cybersecurity

Cyber Risk in Finance: A Q&A With Latham Partners

The evolution of cybersecurity-related representations and warranties in M&A transaction documentation has had an impact on financing transactions. Major M&A transactions and IPOs have become the target of increasingly sophisticated cyberattacks, in some cases affecting thousands of companies along the supply chain. Regulators have responded with stepped-up enforcement, extending their reach not just to victim … Continue Reading

New Cyber Incident Reporting Requirements on the Horizon in the US

Companies should take steps now to prepare for the new rules and expectations. By Jennifer C. Archie, Tony Kim, Serrin Turner, Alexander L. Stout, Ryan J. Malo, and James A. Smith The US government continues to expand regulatory requirements around notification and disclosure of major cyberattacks or incidents. New measures are arriving on the heels … Continue Reading

The Pervasive Threat of Business Email Compromise Fraud — and How to Prevent It

Eliminating the risk of business email compromise (BEC) attacks requires all parties to a financial transaction to pay close attention to email security, financial controls, and communication protocols. By Jennifer C. Archie, Serrin Turner, and Tim Wybitul Key Points: The FBI has identified BEC fraud as the No. 1 financial threat to businesses in the US. … Continue Reading

US Government Contractors Face New Cybersecurity Requirements

By Jennifer Archie, Serrin Turner, Kyle Jefcoat, Dean Baxtrasser and Morgan Maddoux As of December 31, 2017, many United States government contractors face a new compliance requirement involving cybersecurity. This requirement will govern most new Department of Defense (DoD) contracts and, significantly, will apply to many current DoD contracts that include the applicable standard contract … Continue Reading

Call for Cybersecurity Guidelines in International Arbitration

By Hanna Roos and Jennifer Archie Cybercrime has become a regular feature of global news. The question is not if another attack will happen, but when. Prominent examples include the leak of millions of attorney-client documents from law firms Appleby and Mossack Fonseca, and the “Petya” attack, which brought DLA Piper’s system to a standstill. … Continue Reading

Financial Institutions Await Response to Concerns Over New York State Department of Financial Services’ Proposed Cybersecurity Rules

By Jennifer Archie, Alan Avery, Serrin Turner, and Pia Naib Dozens of financial institutions and trade associations have lodged emphatic objections with the New York State Department of Financial Services (NYSDFS) in response to the Department’s September 28, 2016 Notice of Proposed Rulemaking entitled “Cybersecurity Requirements for Financial Services Companies” (the Proposed Rules). As published … Continue Reading

6 Key Requirements of China’s First Network Security Law

By Jennifer Archie, Gail Crawford, Serrin Turner, Hui Xu & Lex Kuo The Standing Committee of the National People’s Congress of the People’s Republic of China (PRC) has introduced China’s first and comprehensive Network Security Law (also referred to as Cybersecurity Law). The law will have far-reaching implications for parties that utilize the internet and … Continue Reading

Around the Table: Behind the Headlines of Evolving Cyberthreats

Latham partners Serrin Turner, Jennifer Archie and Jeffrey Tochner sat down with Eric Friedberg, Executive Chairman at Stroz Friedberg, and Matt Olsen, President – Consulting at IronNet Cybersecurity, to discuss current cyberthreat levels and the growing need for companies to devote resources for future risk mitigation.    … Continue Reading

Prevent and Prepare for a Cybersecurity Breach

By Jennifer Archie, Gail Crawford, Andrew Moyle, Serrin Turner, and Brian Meenagh Hacking of organizations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is rehearsed and practiced. In the event of an incident a company with a rehearsed … Continue Reading
LexBlog