Martin Matishak reports: The Senate on Tuesday confirmed Harry Coker to be the country’s next cybersecurity czar, installing the former NSA official as President Joe Biden’s top cyber adviser at a time when the administration is working to revamp the nation’s digital posture. As the new head of the Office of the National Cyber Director,…
Category: Legislation
FCC Partners With States to Increase on Privacy and Data Protection Investigations, Signaling Increased Focus on Future Enforcement
Jonathan P. Garvin of Mintz writes: The Federal Communications Commission (“FCC”) announced Thursday that in furtherance of the work of the agency’s Privacy and Data Protection Task Force, the FCC’s Enforcement Bureau signed Memoranda of Understanding (“MOU”) with the Attorneys General of Connecticut, Illinois, New York, and Pennsylvania to share expertise and resources and to coordinate efforts conducting…
FBI explains how companies can delay SEC cyber incident disclosures
Jonathan Greig and Martin Matishak report: The FBI has published guidance on how companies can request a delay in disclosing cyber incidents to the Securities and Exchange Commission (SEC). The document is a followup to new rules that the SEC approved in June requiring companies to quickly disclose “material” cybersecurity incidents and share the details of their…
The EU’s Cyber Resilience Act Has Now Been Agreed
Mark Young and Aleksander Aleksiev of Covington and Burling write: Yesterday, the European Commission, Council and Parliament announced that they had reached an agreement on the text of the Cyber Resilience Act (“CRA”). As a result, the CRA now looks set to finish its journey through the EU legislative process early next year. As we explained in our…
DFS Announces $1 Million Cybersecurity Settlement With First American Title Insurance Company
Press Release of November 28: The New York State Department of Financial Services (DFS) today announced that First American Title Insurance Company (First American) will pay a $1 million penalty to New York State for violations of DFS’s Cybersecurity Regulation (23 NYCRR Part 500) stemming from a large-scale cybersecurity breach in May 2019. The breach…
Queensland passes mandatory data breach notice laws
Justin Hendry reports: Queensland has become only the second state to legislate a mandatory data breach notification scheme for public sector entities, as an almost identical scheme comes into effect in New South Wales. The Information Privacy and Other Legislation Amendment Bill 2023 passed through the Queensland state Parliament on Wednesday, less than two months…