On Halloween, the New York and Vermont attorneys general obtained a $700,000 settlement from Hilton for, among other violations, late breach notification.  Davis Polk has published a blog post on this increase in cyber regulation enforcement and the effect on breach notification deadlines.  The full blog post is available at … Read More

On October 23, 2017, the Reserve Bank of India (“RBI”) announced that it was fining India’s Yes Bank $1 million USD for failing to comply with RBI’s breach notification requirement, among other violations. Davis Polk has published a blog post on this escalation in breach notification enforcement and what it … Read More

During congressional hearings earlier this month, senators grilled Richard Smith, the former Equifax CEO, on the company’s reporting structure for cybersecurity; specifically, on the appropriateness of Equifax’s CISO reporting to the general counsel.  Davis Polk has published a blog post on the reporting structure for CISOs and factors companies should … Read More

The Federal Reserve’s proposed supervisory guidance on corporate governance is a breath of fresh air that should encourage banking boards to focus on their core responsibilities and avoid blurring the distinctions between executive and non-executive duties.  It is also a signal that supervisors intend to move away from the blunt … Read More

Three recent cybersecurity events highlight the need for companies to review their access controls to limit who has administrator privileges and how long those elevated privileges last.

First, this week, computer malware that has variously been called PetyaWrap, WannaCry2, GoldenEye and NotPetya began spreading in dozens of countries, encrypting computers … Read More

On June 26, 2017, the full D.C. Circuit Court of Appeals split down the middle over whether the Securities and Exchange Commission’s (the “SEC’s”) appointment of Administrative Law Judges (“ALJs”) is consistent with the Constitution.  As detailed in a prior alert, panels of the Tenth and D.C. Circuit Courts … Read More

This evening, Treasury Secretary Mnuchin published the long-awaited report on proposals to existing banking regulations (press release here), which is the first of what will be several reports, in accordance with President Trump’s February 3 Executive Order on Core Principles for Regulating the U.S. Financial System. The report … Read More