Jul. 24, 2024

What Regulated Companies Need to Know About the SEC’s Final Amendments to Regulation S‑P

Last week, a U.S. district court dismissed most of the SEC’s claims against SolarWinds, just after the agency had advanced its efforts to regulate cybersecurity by adopting final amendments to Regulation S‑P. The amendments, which are the greatest sea change to date in SEC cyber oversight, mandate a novel incident response and notification regime that demands covered institutions thoroughly reconfigure current policies and procedures. In this guest article, Frankfurt Kurnit partner Richard Borden and associate Andrew Folks examine the Regulation S-P amendments’ key requirements and offer practical compliance steps. See “Key Implications and Practical Cyber Program Lessons From SEC’s R.R. Donnelley Settlement” (Jul. 10, 2024).

Implications of Loper Bright: Impacts on Congress, Courts and Agencies

The Supreme Court recently reversed the long-standing Chevron deference principle in its landmark Loper Bright Enterprises v. Raimondo decision. This two-part article series examines the implications of Loper Bright, including insights shared with the Cybersecurity Law Report by Baker & McKenzie partner Helena J. Engfeldt and Paul Hastings partner Nathaniel Edmonds, as well as commentary from K&L Gates partners made during a firm presentation. This second part addresses the decision’s impact on Congress, courts, regulatory agencies and companies. Part one discussed Chevron deference and examined the Loper Bright opinion and its effect on cybersecurity and privacy enforcement. See “Privacy and Data Security Regulators Discuss Enforcement Priorities and Collaborative Efforts” (Jun. 12, 2024).

Compliance Program Implementation: Compliance Calendars and Testing

Established compliance programs require effective implementation. Two important elements of program implementation are compliance calendars and testing. This article distills insights offered during an ACA Group presentation on creating a compliance calendar, assigning responsibility for compliance, and common test areas, methods and approaches. See “Testing Is an Integral Component of Compliance Programs” (May 29, 2024).