Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

In the spotlight—Cyber resilience and risks around outsourcing

The operational resilience of financial institutions has come under increased scrutiny following a number of recent high-profile IT failures and cyberattacks. Operational resilience itself is much broader than merely IT and cyber events: it covers events ranging from natural disasters to civil unrest, and those impacting critical national and market infrastructure. Learn...

The New Vendor Management World Under NYDFS’ New Cyber Regulation

As of March 1, 2019, the New York State Department of Financial Services’ (NYDFS) cybersecurity regulation, 23 NYCRR Part 500, requires financial services institutions regulated by NYDFS to implement policies and procedures to address the cybersecurity risks posed by third-party service providers to the institutions’ nonpublic information (NPI). Learn...

Cybersecurity and Data Privacy review and update: Looking back on 2018 and planning ahead for 2019

From the implementation of the GDPR to the passage of the CCPA, the year 2018 proved to be a monumental one for cybersecurity and data privacy. Regulators from around the world responded to devastating, large-scale cyber-attacks, and a desire for their citizens to have more control over their data, by passing a wide range of regulations aimed at protecting consumer information. These...

Poland implements comprehensive cybersecurity legislation

Poland is the latest nation to pass extensive cybersecurity legislation that will impact many companies that do business in Poland. The legislation, called the Act on the National Cybersecurity System (ANCS), pertains to critical infrastructure companies and providers of digital services. Any organization that operates within Poland and is designated as one of these types of companies...

DHS Announces Public Hearings and Requests Comments on Handling of Critical Infrastructure Information

  The Department of Homeland Security (“DHS”) announced that it will hold a series of public hearings and request comments on revising its regulations regarding the handling of protected critical-infrastructure information (“PCII”) in an automated and electronic format.  According to the notice published in the Federal Register, DHS is requesting comments on revising its rules...

« Older Entries