Cyber Hygiene

US Securities and Exchange Commission’s Office of Compliance Inspections and Examinations Announces Results of Cybersecurity Examination Initiative

By Jeffrey P. Taft, Adam D. Kanter & Matthew Bisanz on August 15, 2017

Posted in Cybersecurity, Financial Services, Government Agency Update / Notice, United States

On August 7, 2017, the Office of Compliance Inspections and Examinations (“OCIE”) of the US Securities and Exchange Commission (“SEC”) announced the results of its second cybersecurity examination initiative.¹ This initiative built on the SEC’s 2014 cybersecurity examination initiative (“Cybersecurity 1 Initiative”) but “involved more validation and testing of procedures and controls surrounding cybersecurity…

The New York State DFS Cybersecurity Regulation: Preparing for Compliance

By Matthew Bisanz, Lawrence R. Hamilton, Stephen Lilley & Jeffrey P. Taft on July 19, 2017

Posted in Cybersecurity, Financial Services, United States, US State Laws

Bylined article by Financial Services Regulatory & Enforcement partner Jeffrey Taft (Washington DC), Corporate & Securities partner Larry Hamilton (Chicago), Cybersecurity & Data Privacy partner Stephen Lilley (Washington DC) and Financial Services Regulatory & Enforcement associate Matthew Bisanz (Washington DC).

NAIC Proposes Cybersecurity Model Law for the Insurance Industry

By Rajesh De, Jeffrey P. Taft, Lawrence R. Hamilton & Brad L. Peterson on March 9, 2016

Posted in Cybersecurity, United States, US State Laws

On March 2, 2016, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force proposed a comprehensive Model Law that is intended “to establish the exclusive standards for data security and investigation and notification of a breach of data security” for licensed insurance companies. The proposed Model Law would apply to all insurers, producers “and…