On July 26, 2023, the Securities and Exchange Commission (SEC) adopted the long-awaited final rule requiring that public companies disclose information about cybersecurity incidents within four business days of determining

Continue Reading SEC Finalizes Cyber Rules for Public Companies: What You Need to Know

On Nov. 9, 2022, the New York Department of Financial Services (NYDFS) issued a proposed second amendment to its 2017 cybersecurity regulation for financial service companies.[1] In July 2022

Continue Reading NYDFS Proposes Significant Changes to Its Cybersecurity Regulation

On Aug. 11, 2022, the U.S. Consumer Financial Protection Bureau issued guidance indicating that financial institutions and service providers that fail to adopt sufficient data security measures to protect consumer
Continue Reading CFPB Warns Insufficient Data Security Measures May Violate Consumer Financial Protection Act

On Feb. 9, 2022, the SEC released its long-awaited proposed cybersecurity rule, and there’s a lot to unpack. As GT reported previously, the SEC increased enforcement of cybersecurity
Continue Reading SEC Issues Proposed Cyber Rule, Including 48-Hour Breach Reporting Requirement