Cybersecurity and National Security Resource Center

Federal Trade Commission Expands Reach of Safeguards Rule to Require More Entities to Report Data Security Breaches

The FTC recently announced an amendment expanding data security reporting requirements for non-banking financial institutions. Under the rule, entities such as mortgage brokers, motor vehicle dealers and payday lenders will have to implement comprehensive data security programs and report cybersecurity breaches to the FTC—imposing significant new obligations on certain businesses that have not traditionally been subject to extensive data privacy regulation.

DOJ Previews New Guidance on Voluntary Self-Disclosures in Mergers and Acquisitions While Signaling Continued Focus on Corporate National Security Crimes

In a recent speech, Principal Deputy Attorney General Marshall Miller emphasized the Department of Justice’s increased focus on corporate national security matters and the national security challenges facing companies today.

Recent DOJ Announcement Signals Continued Surge of Resources to Combat Corporate National Security Crime

The DOJ recently appointed two veteran prosecutors as the first Chief Counsel and Deputy Chief Counsel for Corporate Enforcement in the National Security Division.

SEC Adopts New Cybersecurity Disclosure Requirements

The SEC has adopted new disclosure requirements to enhance and standardize public company disclosures regarding cybersecurity risk management and incident reporting.

President Biden Issues Executive Order Creating Unprecedented Outbound Investment Review Prohibitions Targeting China

President Biden issued an executive order creating the first-ever U.S. outbound investment review mechanism. 

White House Signals Additional Private Sector Cyber Obligations as Part of National Cybersecurity Strategy Implementation Plan

The White House recently released a National Cybersecurity Strategy Implementation Plan setting out the next steps in the administration’s March strategic plan. 

DOJ and OFAC Reach Historic Resolutions With British American Tobacco for North Korea Sanctions Violations

The U.S. Department of Justice and the U.S. Department of Treasury Office of Foreign Assets Control (OFAC) recently reached resolutions with British American Tobacco and its Singaporean subsidiary to resolve charges of bank fraud and North Korea sanctions violations.

» more

Recent DOJ Prosecutions Underscore the Risk From “Insider” Cyber Threats

Two recent prosecutions demonstrate that the threat is sometimes inside the house and underscore that companies must invest not just in protecting themselves from outside hackers but also in guarding against the risks posed by trusted insiders.

» more

On One-Year Anniversary of Russia’s Invasion of Ukraine, OFAC and BIS Announce Expansive New Sanctions and Export Controls

The U.S. government announced a new wave of sanctions and export controls targeting Russia and Belarus on the one-year anniversary of Russia’s invasion of Ukraine. 

The Year Ahead: Key Cybersecurity and Privacy Issues for 2023

Against a backdrop of an evolving threat environment, expect new regulations on cybersecurity and privacy from federal, state and international authorities and increased enforcement.

Peter Carey to Discuss Implications of New SEC Rules for Public Company Cybersecurity at Infosec World Conference

Litigation counsel Peter Carey will give a presentation on “Public Company Cybersecurity: Implications of New SEC Rules for Managing Cyber Risk” as part of Infosec World, a leading cybersecurity conference for security practitioners and executives.

Mark Mendelsohn to Discuss Corporate Crime and National Security at GIR Annual Meeting

Litigation partner Mark Mendelsohn will participate in a panel, “Addressing a ‘troubling trend’ – the intersection of corporate crime and national security,” as part of Global Investigations Review’s Annual Investigations Meeting New York 2023.

John Carlin Discusses Developments in Cybersecurity Law in Berkeley Law Webinar

Cybersecurity & Data Protection Co-Chair John Carlin participated in a webinar, “Cybersecurity Law in Review,” as part of Berkeley Center for Law & Technology (BCLT)’s IP & Tech Month 2023.