Most incidents handled by our Norton Rose Fulbright cyber team originate from the customer’s service provider. In many cases it is the service provider’s systems, infrastructure and environment which proves to be the most vulnerable to cyber breaches and security
Background
On January 7, 2025, North Dakota’s House Industry, Business, and Labor Committee introduced HB 1127, at the request of the Department of Financial Institutions. HB 1127 successfully passed through both legislative chambers and was signed into law by the
On February 6, the Government of Canada announced its latest National Cyber Security Strategy (the NCSS), detailing the federal government’s plan to help Canadian organizations prepare for and respond to the rapidly evolving and increasingly sophisticated cyber security threats of
On November 25, 2024, the New York State Department of Financial Services (“NYDFS”) announced it settled with two large insurance companies over allegations of inadequate data security practices in violation of New York’s cybersecurity regulation (23 NYCRR Part 500) (the
By Shan Nanayakkara
In TR v Land Hessen (C‑768/21) the European Court of Justice (“ECJ”) found that following a personal data breach, a supervisory authority is under no obligation to exercise its corrective powers, specifically the power to
Norton Rose Fulbright Canada invites you to its leading annual technology, privacy, and cybersecurity virtual summit. Learn how to leverage AI for a competitive edge while mitigating its inherent risks.
This four-part series is tailored for legal professionals, business leaders
Content On September 19, the Senate commenced its second reading of Bill C-26: An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts, marking a significant step forward in the legislative process since
On October 22, 2024, the U.S. Securities and Exchange Commission (“SEC” or “Commission”) issued a series of orders imposing almost $7 million in disclosure fines against four global digital service providers impacted by the 2020 SolarWinds compromise. The SEC accused
On October 2, 2024, the New York State Department of Health (DOH) published a new cybersecurity regulation (10 NYCRR 405.46) for all general hospitals licensed pursuant to article 28 of the Public Health Law. Although most of the regulation will
Background
On August 15, 2024, the Department of Defense (DoD) proposed amending the Defense Federal Acquisition Regulation Supplement (DFARS) to evaluate contractor cybersecurity (Cybersecurity Assessment Proposed Rule). Contractors already need documented, adequate security for handling sensitive information, but the proposed