Strengthening the nation’s cybersecurity has been a top priority for the Biden administration, as reflected in its collaboration with industry, regulatory actions, and the legislation it has supported in Congress, including the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Executive action has been a key tool in the Biden administration’s cyber policymaking toolkit.
Joshua M. Silverstein
US SEC Cyber Risk Management Proposed Rules: Analysis for Investment Advisers, Investment Companies, BDCs and Broader Implications for Private Sector
On February 9, 2022, the Securities and Exchange Commission (“SEC” or “Commission”) voted 3-1 to propose rules, forms and amendments concerning cybersecurity risk management, as well as registered investment adviser and fund disclosures. As we have previously discussed, the proposal under the Investment Advisers Act of 1940 (Advisers Act) and the Investment Company Act of…
US and EU Announce New Trans-Atlantic Data Privacy Framework
On March 25, 2022, the United States and the European Union jointly announced an “agreement in principle” to a new trans-Atlantic data privacy framework to facilitate the cross-border transfer of personal data (the “Framework”). As part of the Framework, the US has made “unprecedented commitments” related to intelligence collection and surveillance practices. The…
Cyber Incident Reporting for Critical Infrastructure Act Signed Into US Law as Part of Omnibus Appropriations Legislation
On March 15, 2022, President Biden signed into law the Consolidated Appropriations Act, 2022, H.R. 2471. Division Y of this omnibus appropriations legislation—the Cyber Incident Reporting for Critical Infrastructure Act of 2022—will create significant new rules requiring US critical infrastructure entities to report cybersecurity incidents and ransom payments to the US government. This legislation marks…
SEC Proposes Amendments That Would Place New Cybersecurity Reporting and Disclosure Requirements on Public Companies
On March 9, 2022, the US Securities and Exchange Commission (SEC) voted 3-1 to propose new rules and amendments under the Securities Exchange Act of 1934 that would constitute the SEC’s first attempt to adopt specific rules to comprehensively regulate cybersecurity risk management, strategy, governance and incident reporting for public companies (“registrants”). The stated goals…
Russian Military Action in Ukraine: Measures to Mitigate Related Cyber Risk
After months of diplomatic engagement, the early morning of February 24, 2022 saw what President Biden called an “unprovoked and unjustified attack by Russian military forces” on Ukraine. Numerous news reports also have described significant cyber attacks against Ukrainian systems. According to those reports, these attacks follow multiple waves of cyber attacks in the past…
Global Insurance Industry Year in Review 2021
Our Global Insurance Industry Year in Review is now in its 10th year. In this report, we discuss developments and trends in insurance industry transactions over the past year, with a particular focus on mergers and acquisitions, corporate finance, insurtech, the insurance-linked securities and convergence markets, as well as tax, regulatory and litigation developments.
A…
OFAC Issues Updated Ransomware Advisory Emphasizing Reporting to and Cooperation with US Law Enforcement
On September 21, 2021, the US Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced several actions intended to “advance the United States government’s broader counter-ransomware strategy,” including an update to OFAC’s October 2020 advisory on ransomware payments and the first Specially Designated National (“SDN”) designation of a virtual currency exchange. OFAC’s action…
President Biden Issues National Security Memorandum on Critical Infrastructure Cybersecurity
On July 28, 2021, President Biden signed a national security memorandum that seeks to “significantly improve” the cybersecurity of critical infrastructure systems. The “National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems” (the “Memorandum”) reflects the administration’s conclusion that “[t]he cybersecurity threats posed to the systems that control and operate the critical infrastructure…
Biden Administration Announces Expansion of Sanctions Against Russia and Signals Potential Additional Restrictions Following SolarWinds Cyber-Attack
On April 15, 2021, the Biden administration announced an expansion of existing sanctions against the Russian government, notably including the intelligence service and affiliated parties identified as being responsible for the SolarWinds cyber-attack and other “specified harmful foreign activities,” and signaled a potential willingness to impose additional measures relating to Information and Communications Technology and…