Skip to content

menu

Data Protection Report logo
HomeAboutContact
Search
Close
Compliance and risk managementRegulatory responseData breachCurrent Page:Cybersecurity
View topics Archives
Subscribe

Data Protection Report

Data protection legal insight at the speed of technology

Cybersecurity

Subscribe to Cybersecurity via RSS

North Dakota law heightens data security requirements for some financial institutions

Photo of David Kessler (US)Photo of Susan Ross (US)Photo of Marissa Elder (US)
By David Kessler (US), Susan Ross (US) & Marissa Elder (US) on April 28, 2025

Background

On January 7, 2025, North Dakota’s House Industry, Business, and Labor Committee introduced HB 1127, at the request of the Department of Financial Institutions. HB 1127 successfully passed through both legislative chambers and was signed into law by the…

technology-innovation-data-security-locks-keyboard

Federal government announces latest National Cyber Security Strategy

Photo of Imran Ahmad (CA)Photo of John Cassell (CA)Photo of Travis Walker
By Imran Ahmad (CA), John Cassell (CA) & Travis Walker on February 27, 2025

On February 6, the Government of Canada announced its latest National Cyber Security Strategy (the NCSS), detailing the federal government’s plan to help Canadian organizations prepare for and respond to the rapidly evolving and increasingly sophisticated cyber security threats of…

Subscribe to Data Protection Report

Subscribe to this publication

NYDFS settles with insurance companies over failures in their cybersecurity programs

Photo of Dan Pepper (US)Photo of Remi Gambino (US)
By Dan Pepper (US) & Remi Gambino (US) on December 5, 2024

On November 25, 2024, the New York State Department of Financial Services (“NYDFS”) announced it settled with two large insurance companies over allegations of inadequate data security practices in violation of New York’s cybersecurity regulation (23 NYCRR Part 500) (the…

TR v Land Hessen – DPA not obliged to fine under the GDPR

Photo of Shan Nanayakkara
By Shan Nanayakkara on December 3, 2024

By Shan Nanayakkara

In TR v Land Hessen (C‑768/21) the European Court of Justice (“ECJ”) found that following a personal data breach, a supervisory authority is under no obligation to exercise its corrective powers, specifically the power to…

tech-summit-hero-1920-1080-can-50964

2024 Technology Privacy and Cybersecurity Summit | November 25 – 28, 2024

Photo of Imran Ahmad (CA)
By Imran Ahmad (CA) on November 15, 2024

Norton Rose Fulbright Canada invites you to its leading annual technology, privacy, and cybersecurity virtual summit. Learn how to leverage AI for a competitive edge while mitigating its inherent risks.

This four-part series is tailored for legal professionals, business leaders…

Bill C-26: Advancing towards cybersecurity governance in Canada

Photo of John Cassell (CA)Photo of Imran Ahmad (CA)Photo of Marisa Kwan
By John Cassell (CA), Imran Ahmad (CA) & Marisa Kwan on October 30, 2024

Content On September 19, the Senate commenced its second reading of Bill C-26: An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts, marking a significant step forward in the legislative process since…

SEC issues $7 million in disclosure fines to SolarWinds victims

Photo of Chris Cwalina (US)Photo of Will Daugherty (US)Photo of Susan Ross (US)Photo of Gerar Mazarakis (US)
By Chris Cwalina (US), Will Daugherty (US), Susan Ross (US) & Gerar Mazarakis (US) on October 27, 2024

On October 22, 2024, the U.S. Securities and Exchange Commission (“SEC” or “Commission”) issued a series of orders imposing almost $7 million in disclosure fines against four global digital service providers impacted by the 2020 SolarWinds compromise. The SEC accused…

New York hospitals have new cybersecurity requirements

Photo of David Kessler (US)Photo of Susan Ross (US)Photo of Remi Gambino (US)
By David Kessler (US), Susan Ross (US) & Remi Gambino (US) on October 23, 2024

On October 2, 2024, the New York State Department of Health (DOH) published a new cybersecurity regulation (10 NYCRR 405.46) for all general hospitals licensed pursuant to article 28 of the Public Health Law. Although most of the regulation will…

Department of Defense proposes requirements for assessing contractor cybersecurity

Photo of Dan Pepper (US)Photo of Gerar Mazarakis (US)
By Dan Pepper (US) & Gerar Mazarakis (US) on September 16, 2024

Background

On August 15, 2024, the Department of Defense (DoD) proposed amending the Defense Federal Acquisition Regulation Supplement (DFARS) to evaluate contractor cybersecurity (Cybersecurity Assessment Proposed Rule). Contractors already need documented, adequate security for handling sensitive information, but the proposed…

Security cameras, CAN-SPAM, and “reasonable or appropriate security”

Photo of David Kessler (US)Photo of Susan Ross (US)
By David Kessler (US) & Susan Ross (US) on September 9, 2024

On August 30, 2024, the Federal Trade Commission (FTC) announced a proposed settlement with security camera manufacturer Verkada Inc., claiming Verkada committed a variety of unfair or deceptive acts or practices in violation of § 5 of the Federal Trade…

Post navigation

Older Posts 

Data Protection Report

Facebook Twitter RSS LinkedIn YouTube
Published by
Norton Rose Fulbright LLP logo
DisclaimerPrivacy policy

About

More than a news source, the Data Protection Report provides thought leadership on emerging privacy, data protection and cybersecurity issues, and helps its readers proactively address risks and anticipate next steps in this crucial emerging field.

Read more

Topics

Archives

Copyright © 2025, Norton Rose Fulbright LLP. All rights reserved.