On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Under the proposed rule, covered entities will have 72 hours to report to CISA a “covered
Aaron Futerman
PRESIDENT BIDEN ISSUES EXECUTIVE ORDER EMPOWERING DOJ TO REGULATE THE EXPORT OF SENSITIVE PERSONAL DATA
By Aaron Futerman, Adam Hickey & Howard W. Waltzman on
On February 28, 2024, President Joe Biden issued Executive Order (“EO”) 14117, empowering the Department of Justice (DOJ) to regulate the export of certain consumer data, in order to prevent certain countries’ governments from obtaining bulk sets of especially sensitive personal data. The EO, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United…
DOJ and FBI Announce Guidance on Seeking Delays in SEC 8-K Filings for Cyber Incidents
On December 12, 2023, the Department of Justice (DOJ) issued guidelines for companies to follow in requesting that the Attorney General authorize delays of cyber incident disclosures required by the U.S. Securities and Exchange Commission (“SEC”) pursuant to Form 8-K Item 1.05.
In July, the SEC finalized a rule (the “Final Rule”), which comes…