NYDFS Releases Consent Order in First Enforcement Action Brought Under the Cybersecurity Regulations | News & Insights

Advisories October 24, 2024

Privacy, Cyber & Data Strategy Advisory: NYDFS Issues Guidance on Artificial-Intelligence-Related Cybersecurity Risks

Our Privacy, Cyber & Data Strategy Team explores new guidance from the New York Department of Financial Services for covered entities to combat what it considers the most pressing cybersecurity risks of artificial intelligence (AI).

Advisories April 9, 2024

Privacy, Cyber & Data Strategy / Securities Litigation Advisory: Board Oversight and Cyber Breach Response: What Involvement Strikes the Right Balance?

New regulations continue to push boards in the direction of active engagement in their cyber oversight role, including breach response. But, how can boards strike the right balance in their oversight role during a significant cybersecurity incident? Members of our Privacy, Cyber & Data Strategy Team and our Securities Litigation Group weigh in.

Blog Posts May 1, 2025

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect Today

Today, on May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take effect. Although the Second Amendment was originally adopted in November of 2023, NYDFS established a multi-year rollout of the Second Amendment’s requirements, […]

The post Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect Today appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

Advisories April 16, 2025

Privacy, Cyber & Data Strategy Advisory | Cybersecurity Controls: What Do Regulators Expect Nowadays?

Our Privacy, Cyber & Data Strategy Team highlights the increasingly specific cybersecurity controls identified by regulators, explains why these enhanced cybersecurity controls have become the focus of regulators, and shares practical tips for companies navigating this rapidly evolving territory.

Advisories January 16, 2025

Privacy, Cyber & Data Strategy / Immigration Advisory | North Korean IT Remote Worker Fraud Scheme Data Security and Employment Law Impact

The recent indictment of 14 North Korean nationals for fraudulently obtaining remote IT jobs with U.S.-based companies underscores the importance of vigilant hiring practices. Our Privacy, Cyber & Data Strategy and Immigration teams offer actionable steps businesses can take to avoid worker fraud schemes while complying with federal and state antidiscrimination laws.