Cybersecurity

Subscribe to Cybersecurity RSS Feed

DOJ Updates Guidance on Corporate Compliance Programs

In a post published earlier this year, we highlighted the importance of proactively managing artificial intelligence (“AI”) risks as part of an effective compliance program. Specifically, we explored the key considerations for organizations to effectively navigate AI-related risks and enhance their compliance efforts.  We also referenced Deputy Attorney General Lisa O. Monaco’s announcement incorporating an … Continue Reading

Insider Dealing: Increasing Scope and Greater Focus from UK and US Enforcement – Are You up to Speed?

The UK and US enforcement agencies have been actively pursuing insider dealing (“insider trading”, in US parlance) since the COVID-19 pandemic ended. The UK and US have different securities enforcement regimes, but both have seen recent developments expanding the scope of conduct that can be prosecuted. For individuals and organizations trading across multiple jurisdictions, it … Continue Reading

SEC v. Jarkesy: Possible Implications for the SEC’s FCPA Enforcement

On June 27, 2024, the Supreme Court issued its opinion in Securities Exchange Commission v. Jarkesy.  The Court held that the Seventh Amendment entitles a defendant to a jury trial when the SEC seeks civil penalties for securities fraud, because these cases replicate common law fraud claims.  S.E.C. v. Jarkesy, No. 22-859, slip op. at … Continue Reading

WEBINAR- The 2024 Revolution in Administrative Law: Chevron and Beyond

Join #TeamSPB’s Ben Glassman, Keith Bradley and Patricia Doersch for a timely webinar on the major decisions recently issued by SCOTUS.  The panel will cover each of the recent decisions (Loper Bright v. Raimondo, SEC v. Jarkesy, Ohio v. EPA, and Corner Post v. the Fed) and discuss the consequences, as well as the opportunities … Continue Reading

End of the Chevron Era: The Future of Agency Enforcement Shifts to Courts

With its second of two landmark decisions impacting the future of federal agency enforcement, SCOTUS struck down the Chevron decision last week.  In a 6-3 decision in Loper Bright Enterprises v. Raimondo, the Court shifted enforcement power away from agencies and to the federal courts. The implications of the Chevron decision are both significant and … Continue Reading

SCOTUS Ruling in Jarkesy Foreshadows Big Changes in Federal Enforcement

SPB’s Keith Bradley authored an article for Bloomberg Law covering a recent SCOTUS decision with significant ramifications: SEC v. Jarkesy. We believe that Jarkesy will decidedly shift the landscape of agency adjudication and regulatory enforcement. For the background and possible implications of this decision, read the full article at Supreme Court’s Jarkesy Ruling Upends SEC … Continue Reading

Who Determines Materiality of Cybersecurity Incidents in Light of Recent SEC Rule Requiring Disclosure of Cybersecurity Incidents?

In December 2023, the U.S. Securities and Exchange Commission’s (“SEC”) new rule requiring disclosure of material cybersecurity incidents became effective. SPB previously analyzed how the new rule applies to incidents affecting third-party vendors and what companies can do to manage reporting risks created by third-party cybersecurity incidents. In the first half of 2024, more than … Continue Reading

Navigating AI Risks: A Guide to Enhancing Corporate Compliance Programs

In today’s rapidly evolving technological landscape, the integration of artificial intelligence (“AI”) into business operations presents unparalleled opportunities for efficiency and innovation. Alongside these advancements, however, come new challenges and risks that must be addressed to ensure regulatory compliance and ethical responsibility. Recently, the Department of Justice (“DOJ”) has underscored the importance of proactively managing … Continue Reading

Navigating Shifting Legal Landscapes: Implications of Deputy Attorney General Lisa Monaco’s Address to Oxford University on Artificial Intelligence

Deputy Attorney General Lisa Monaco’s (“Monaco”) recent remarks at Oxford University shed light on the evolving intersection of artificial intelligence (“AI”) and the criminal enforcement landscape and its profound implications for the United States Department of Justice and beyond. As the Chief Operating Officer of the Department of Justice, Monaco’s insights underscore the critical importance … Continue Reading

Managing and Reporting Third-Party Cybersecurity Incidents Under the New SEC Cyber Risk Regulations

The rules on reporting cybersecurity risks and incidents pose many challenges for companies. Those challenges can be even more difficult when the cybersecurity incident affects third-party systems. With no exceptions for third-party cybersecurity incidents under the new cybersecurity reporting regulations, companies should take proactive steps to assess and respond appropriately to third-party cybersecurity incidents. The … Continue Reading

Recent Changes to FATF’s “Grey List”; Could the UAE be Next Off the List?

Between October 25 and October 27, 2023, the Financial Action Task Force (“FATF”), an international policy-making and standard-setting body dedicated to combating money laundering and terrorist financing, held its third plenary meeting of the year (the “October Plenary”), at which it made important updates to its list of jurisdictions under increased monitoring, often externally referred … Continue Reading

Yet Another False Claims Act Salvo (now #4) in DOJ’s “Civil Cyber-Fraud Initiative”

We have been tracking and reporting on the U.S. Department of Justice’s Civil Cyber-Fraud Initiative (“CCF Initiative”), which U.S. Deputy Attorney General Lisa O. Monaco announced in October 2021. The CCF Initiative employs the powerful False Claims Act (“FCA”) in an effort to “hold accountable entities or individuals that put U.S. information or systems at … Continue Reading

Live Event:  Avoiding Litigation and Navigating Regulatory Challenges Amid Growing Privacy, Cybersecurity and Artificial Intelligence Scrutiny

Join subject matter experts across policy, litigation, and regulation for an engaging discussion around privacy, cybersecurity, and AI.  This live event will be in our Washington DC office and will include perspectives from in-house leaders, a former FBI agent, an incident response forensic expert, world-class public policy experts, and our privacy and cybersecurity professionals.  The … Continue Reading

Rule 10b5-1 Application and Enforcement

On March 1, 2023, the Department of Justice (“DOJ”) and the Securities and Exchange Commission (“SEC”) demonstrated continued interest in investigating insider trading by company executives who possess material non-public information when they unsealed an indictment and filed a civil complaint, respectively, in the Central District of California. Though a Rule 10b5-1 plan—an investment device … Continue Reading

DOJ Announces New Compensation Incentives and Clawbacks Pilot Program

As we recently discussed, the Department of Justice released new guidance covering a multitude of topics, including employees’ use of personal electronic devices and third-party messaging platforms, financial compensation incentives and clawbacks.  At the American Bar Association’s 38th Annual National Institute on White Collar Crime, Deputy Attorney General Lisa Monaco announced the launch of the … Continue Reading

Another False Claims Act Salvo in DOJ’s “Civil Cyber-Fraud Initiative”

We previously offered insight into two False Claims Act (“FCA”) enforcement actions brought by the U.S. Department of Justice (“DOJ”) as part of its “Civil Cyber-Fraud Initiative” (“CCF Initiative”).  Deputy Attorney General Lisa O. Monaco announced the CCF Initiative in October 2021, stating that “[t]he initiative will hold accountable entities or individuals that put U.S. … Continue Reading

DOJ Updates Ephemeral Messaging Guidance

On Friday, March 3, 2023, the DOJ released its updated Evaluation of Corporate Compliance Programs, which included new guidance on ephemeral messaging platforms and other issues. This new guidance was released contemporaneously with Assistant Attorney General Kenneth A. Polite, Jr.’s (‘Polite”) speech at the American Bar Association’s (“ABA”) 38th Annual National Institute on White Collar … Continue Reading

Compliance Risks for Remote and Hybrid Working Models

With the cold and flu season underway and COVID-19 still ever-present, it is a good time to take stock of the potential risks that come with working remotely.  Following the lifting of pandemic restrictions allowing offices to open back up, many companies continued to offer work from home or hybrid arrangements.  It is important for … Continue Reading

Corporate and White-Collar Enforcement in 2023–24

As 2022 comes to a close, is it possible to predict a trend for corporate and white-collar enforcement by the U.S. Department of Justice in 2023? Yes: enforcement will increase in 2023, and it will increase yet more in 2024. Understanding the Department as a dispersed, human institution that responds to incentives explains why.… Continue Reading

OFAC Sanctions Virtual Currency Mixer “Tornado Cash”

On August 8, 2022, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) sanctioned virtual currency mixer Tornado Cash for having laundered more than USD 7 billion worth of virtual currency since its founding in 2019.  This includes over USD 455 million worth of stolen virtual currency associated with the Lazarus Group, … Continue Reading

Cybersecurity Compliance on U.S. Government Contracts and Subcontracts

The U.S. Department of Justice announced late last year that it would utilize the False Claims Act, the U.S. government’s primary civil tool to redress false claims for federal funds and property, to bring actions against U.S. government contractors and subcontractors who do not meet the cybersecurity requirements of a particular contract or grant. The … Continue Reading

Series: Remedies available to companies harmed by industrial espionage

The authors would like to thank Thomas Fogarty and Anya Bharat Ram for their contributions to this post. Section 1832 of the Economic Espionage Act of 1996 (the “Act”) criminalizes the theft of trade secrets “intended for use in interstate or foreign commerce, to the economic benefit of anyone other than the owner.” 18 U.S.C. § 1832(a). … Continue Reading

Series: Types of Industrial Espionage

Industrial espionage refers to various activities performed to gain an unfair competitive advantage, rather than for national security purposes.  As we discussed in a previous article, the ways in which industrial espionage can affect a company are numerous and include theft of trade secrets and disruption to operation. Section 1832 of the Economic Espionage Act … Continue Reading

New DOJ KleptoCapture Task Force to Enforce Russia Sanctions

On March 2, 2022, the U.S. Department of Justice (“DOJ”) announced the creation of the interagency Task Force KleptoCapture (the “Task Force”) to enforce the sanctions, export restrictions, and economic countermeasures against Russian officials and oligarchs in response to the conflict in Ukraine. The Task Force will consist of prosecutors and agents from numerous federal … Continue Reading
LexBlog