Tag: Cybersecurity
China Issues Network Data Security Management Regulations
On September 30, 2024, China’s State Council released the Network Data Security Management Regulations, which will enter into force on January 1, 2025. The regulations apply to “electronic data processed and generated through the network” (covering personal information, “important data” and all other types of electronic data) and provide implementing […]
Cybersecurity in the US
As our world becomes increasingly digital, the importance of cybersecurity has never been more critical. In the first blog post in our series for Cybersecurity Awareness Month, we explored the cybersecurity regulatory efforts in Europe, looking at the Digital Operational Resilience Act (DORA), the Network and Information Security Directive (NIS2) […]
Navigating Privacy and Cybersecurity Challenges in the Automotive and Mobility Sector
In this first installment of our series on the automotive and mobility sector, Cooley cyber/data/privacy lawyers introduce the key data privacy legal issues facing the automotive and mobility sector and provide an overview of the US state and federal regulatory enforcement environment. US Regulators Target Automotive Sector The wave of […]
Cybersecurity in the European Union
As our world becomes increasingly digital, the importance of cybersecurity has never been more critical. From personal devices to enterprise networks, cyber threats are evolving at an alarming pace, targeting vulnerabilities and exploiting our growing reliance on technology. October marks ‘Cybersecurity Awareness Month’ – a global initiative to promote awareness […]
Federal Court Dismisses Bulk of SEC’s Complaint Against SolarWinds in Cyberattack Case
On July 18, 2024, US District Judge Paul Engelmayer of the Southern District of New York issued a detailed 107-page opinion and order dismissing most of the US Securities and Exchange Commission (SEC) case against SolarWinds and its chief information security officer (CISO). The SEC’s amended complaint alleged that SolarWinds and its […]
SEC Settles Charges Against RR Donnelley Related to Cybersecurity Incident Disclosure and Internal Access Controls
On June 18, 2024, the Securities and Exchange Commission (SEC) announced that it had settled claims against RR Donnelley (RRD) related to a 2021 ransomware and cyber extortion attack. Despite RRD having discovered and reported the incident within 30 days (a relatively short time frame for investigating complex data breaches), […]
Utah, Colorado Pave Way for AI-Specific State Laws – Is Your Company Ready for the Impending Regulation Wave?
The regulation of artificial intelligence (AI) has drawn significant interest from policymakers in the US, particularly at the state level. There has been a recent slew of legislative activity with respect to comprehensive AI bills across various states. We expect to see this new wave of comprehensive AI regulation at […]
Fatal Flaws in SEC’s Amended Complaint Against SolarWinds
In March 2024, a coalition of more than 50 cybersecurity leaders and organizations called for dismissal of an amended complaint by the Securities and Exchange Commission (SEC) against SolarWinds and its chief information security officer (CISO), Tim Brown. Amici from the business community and the software industry, as well as […]
Fatal Flaws in SEC’s Amended Complaint Against SolarWinds
In March 2024, a coalition of more than 50 cybersecurity leaders and organizations called for dismissal of an amended complaint by the Securities and Exchange Commission (SEC) against SolarWinds and its chief information security officer (CISO), Tim Brown. Amici from the business community and the software industry, as well as […]
CISA Opens Notice and Comment Process on CIRCIA Draft Regulations
On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security published a long-awaited notice of proposed rulemaking (NPRM) pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Signed into law in 2022 by President Joe Biden, CIRCIA required CISA to […]