Tag: Risk & Strategy
EU’s Artificial Intelligence Act: The Last Stretch
On Friday, 8 December 2023, European Union lawmakers concluded a provisional agreement on the much-anticipated Artificial Intelligence Act (AI Act). The AI Act – a broad new piece of legislation governing the development, placing on the market and use of AI systems – will apply beyond the EU’s borders and […]
SEC Adopts Comprehensive Cybersecurity Disclosure Requirements
On July 26, 2023, the Securities and Exchange Commission (SEC) voted at an open meeting to adopt final rules to mandate standardized cybersecurity disclosures by public companies. The final rules will: The final rules will become effective 30 days after publication in the Federal Register. Companies other than smaller reporting companies […]
Cybersecurity Governance for Maturing Companies
With cyber resilience top of mind for investors, shareholders, regulators and the plaintiffs’ bar, growing organizations can no longer afford to put their cybersecurity efforts on the back burner. Building a cybersecurity program has become an essential element in the growth strategy. But where do you begin? Cooley’s cyber/data/privacy lawyers […]
“New” Application to an Old Problem: Pennsylvania Supreme Court’s Ruling Likely to Lead to More Cybersecurity Negligence Lawsuits
Pennsylvania’s Supreme Court (“Court”) cleared a path for employees seeking to hold employers responsible for data breaches affecting their information. The Court found that employers are legally obligated to implement and maintain reasonable security measures to protect employees’ personal data in their possession. The Court’s logic, however, may extend beyond […]