Chief Information Security Officer (CISO)

An organization’s board of directors assumes ultimate accountability for governing cybersecurity risk. Chief information security officers (CISOs) play an increasingly indispensable role in enabling board members and senior executives to engage in appropriate cyber risk management, communicate using cyber metrics with business objectives in mind, and facilitate proper oversight of the company’s cyber program. Among

On March 5, 2019, the Federal Trade Commission (“FTC”) proposed a number of revisions to its Gramm-Leach-Bliley Act (“GLBA”) regulations, which would (i) change the Safeguards Rule to require financial institutions to implement specific information security controls (in a departure from the FTC’s current non-prescriptive approach to data security), (ii) update its GLBA Privacy Rule

Bylined article by Financial Services Regulatory & Enforcement partner Jeffrey Taft (Washington DC), Corporate & Securities partner Larry Hamilton (Chicago), Cybersecurity & Data Privacy partner Stephen Lilley (Washington DC) and Financial Services Regulatory & Enforcement associate Matthew Bisanz (Washington DC).

Continue reading.