[Tree] Texas attorney general investigates connected car manufacturers over data sharing

Version 0.15 (2024-06-07 15:48:29.291000)

updates: Texas Attorney General investigates connected car manufacturers over data sharing

Version 0.14 (2024-06-04 18:10:58.043000)

updates: Texas Attorney General Ken Paxton launches new team to prosecute online privacy and security cases

Version 0.13 (2024-06-01 15:54:34.839000)

updates: Texas enacts comprehensive consumer data privacy law

Version 0.12 (2024-05-22 20:21:29.591000)

updates: SEC adopts amendments to Regulation S-P to enhance data privacy and cybersecurity

Version 0.11 (2024-03-14 15:46:34.980000)

updates: Inclusion of information about the FCC's updated data breach notification rules and legal challenges

Version 0.1 (2024-02-29 19:21:45.476000)

updates: Addition of information about the Texas Data Privacy and Security Act and its impact on Texas attorneys

Version 0.09 (2024-01-31 22:19:10.728000)

updates: Inclusion of updates to security breach rules for telecommunications service providers

Version 0.08 (2024-01-26 01:03:24.384000)

updates: Implementation of FTC's Data Breach Notification Rule for Nonbanking Financial Institutions

Version 0.07 (2024-01-04 20:28:43.791000)

updates: The story now includes information about the Department of Defense's proposed rule for the Cybersecurity Maturity Model Certification Program (CMMC) and the implementation of a new cybersecurity breach reporting regulation by the SEC. It also covers a lawsuit filed by Alpine Securities against Finra and a complaint filed by a ransomware gang against MeridianLink with the SEC.

Version 0.06 (2023-12-22 19:22:52.537000)

updates: SEC issues guidance on cybersecurity disclosure rules for public companies, DOJ establishes processes for delaying Form 8-K disclosures under SEC's cybersecurity rules

Version 0.06 (2023-12-22 19:22:52.537000)

updates: SEC issues guidance on cybersecurity disclosure rules for public companies, DOJ establishes processes for delaying Form 8-K disclosures under SEC's cybersecurity rules

Version 0.05 (2023-12-20 12:59:58.967000)

updates: US government implements stringent cybersecurity regulations across critical infrastructure sectors

Version 0.04 (2023-12-11 21:45:46.659000)

updates: The Securities and Exchange Commission (SEC) has implemented a new cybersecurity breach reporting regulation that emphasizes the importance of cybersecurity risk as business risk. The regulation requires registrants to report cybersecurity incidents that could materially affect investment decisions or publicly available information about a company. The rule has implications for Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs), as they will be involved in evaluating and investigating cyber incidents for their clients. A study shows that one-third of respondents have evaluated communications with third-party service providers, highlighting the relevance of MSSPs and MSPs in guiding companies through the incident response process. The determination of materiality, which is crucial for reporting incidents, will involve MSSPs and MSPs if they are managing the infrastructure or involved in the incident. The implementation of the regulation requires a risk-based security program that is prepared and tested prior to any incident occurring. The revenue opportunity for MSSPs and MSPs lies in working with clients to minimize the impact of incidents and fostering a security-first culture. However, the regulation is not failsafe, as a ransomware group recently exploited it by filing a complaint with the SEC against a victim for failing to comply with the disclosure regulations. This incident highlights the need for companies to be vigilant and proactive in their cybersecurity practices. [8bbbb096]

Version 0.03 (2023-11-21 15:59:09.889000)

updates: Incorporated information about regulatory concerns, speeches by industry figures, and a new ransomware attack complaint

Version 0.02 (2023-11-21 13:32:49.224000)

updates: Added information about a ransomware attacker filing an SEC complaint

Version 0.01 (2023-11-20 22:40:26.507000)

updates: Added information about the ALPHV/BlackCat ransomware gang filing an SEC complaint against MeridianLink after a data breach.

Version 0.0 (2023-11-16 14:49:13.680000)

updates: