All Posts


Possible… but Practical? HUD’s New 12 Hour Cyber Incident Reporting Requirement for FHA-Approved Mortgagees

On May 23, 2024, the U.S. Department of Housing and Urban Development (“HUD”) issued requirements, effective immediately, for all FHA-approved mortgagees to report certain cyber…

Read Post

Living in a Material World: SEC Clarifies Expectations Regarding Form 8-K Disclosure of Material Cybersecurity Incidents

Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding…

Read Post

2022 Hindsight: Breach Notification Year in Review

While new comprehensive state privacy laws took most of the headlines this year, security threats and incident response remain key risk factors for privacy…

Read Post

Carnival Cruise Line’s $1.25 Million Multistate Breach Settlement: 5 Lessons to Avoid and Mitigate Unstructured Data Breaches

Corporate email systems can often become repositories of personal information, with sensitive data elements appearing in the bodies of messages and their attachments, often with…

Read Post

Worried about Ransomware? Ten Steps to Help Legal Counsel Understand and Mitigate the Risk

Executive teams in the U.S. live in fear of a successful ransomware attack, and who can blame them? Attacks are both prevalent…

Read Post