On Halloween, the New York and Vermont attorneys general obtained a $700,000 settlement from Hilton for, among other violations, late breach notification. Davis Polk has published a blog post on this increase in cyber regulation enforcement and the effect on breach notification deadlines. The full blog post is available at … Read More
On October 23, 2017, the Reserve Bank of India (“RBI”) announced that it was fining India’s Yes Bank $1 million USD for failing to comply with RBI’s breach notification requirement, among other violations. Davis Polk has published a blog post on this escalation in breach notification enforcement and what it … Read More
During congressional hearings earlier this month, senators grilled Richard Smith, the former Equifax CEO, on the company’s reporting structure for cybersecurity; specifically, on the appropriateness of Equifax’s CISO reporting to the general counsel. Davis Polk has published a blog post on the reporting structure for CISOs and factors companies should … Read More
The Federal Reserve’s proposed supervisory guidance on corporate governance is a breath of fresh air that should encourage banking boards to focus on their core responsibilities and avoid blurring the distinctions between executive and non-executive duties. It is also a signal that supervisors intend to move away from the blunt … Read More
In a Risk Perspective released on July 7, 2017, the Office of the Comptroller of the Currency (“OCC”) emphasized the need for institutions to be cyber resilient – i.e., be able to respond to cyber attacks by managing various risks. Acting Comptroller Keith Noreika noted in a speech on the … Read More
Three recent cybersecurity events highlight the need for companies to review their access controls to limit who has administrator privileges and how long those elevated privileges last.
First, this week, computer malware that has variously been called PetyaWrap, WannaCry2, GoldenEye and NotPetya began spreading in dozens of countries, encrypting computers … Read More
On June 26, 2017, the full D.C. Circuit Court of Appeals split down the middle over whether the Securities and Exchange Commission’s (the “SEC’s”) appointment of Administrative Law Judges (“ALJs”) is consistent with the Constitution. As detailed in a prior alert, panels of the Tenth and D.C. Circuit Courts … Read More
This evening, Treasury Secretary Mnuchin published the long-awaited report on proposals to existing banking regulations (press release here), which is the first of what will be several reports, in accordance with President Trump’s February 3 Executive Order on Core Principles for Regulating the U.S. Financial System. The report … Read More
Today’s inauguration of the 45th U.S. president begins a period of single-party control of the government with expectations for major legislation, including tax reform.