The threat of a cybersecurity breach is unfortunately one of the ongoing business risks companies face n the current operating environment. For that reason, corporate disclosures of cyber-breach related risks have been a priority of the SEC’s Division of Corporate Finance as well as the agency’s new Chair, Mary Jo White.
Canada’s Office of the Superintendent of Financial Institutions Releases Cyber Security Self-Assessment Guidance
On October 28, OSFI released its Cyber Security Self-Assessment Guidance (the “Guidance”) to aid Federally Regulated Financial Institutions (“FRFI”) in assessing its level of preparedness against cyber risks. The Guidance was drafted in response to OSFI’s Plans and Priorities for 2013-2016, a plan that emphasizes vigilance against the increasing frequency and sophistication of cyber threats.
Board Oversight of Cybersecurity and Cyber-Security Disclosures: Answers to Some of the Key Questions
Cyber security is top of mind for companies, and cyber-security oversight is top of mind for corporate directors. I recently co-moderated a panel discussion for directors on board oversight of cyber security and cyber-security disclosures. I thought I’d share my thoughts on some of the key issues.
As practitioners are aware, in February 2013, President Obama issued an executive order directing federal agencies to create a set of voluntary cybersecurity standards and procedures for critical parts of the private sector.
On August 28, 2013, the Obama Administration issued several documents relating to the Cybersecurity Framework that the President called for in Executive Order 13636: Improving Critical Infrastructure Cybersecurity.
In February of 2013, President Obama signed an executive order with the purpose of creating a cybersecurity framework (or set of voluntary standards and procedures) to encourage private companies that operate critical infrastructure to take steps to reduce their cyber risk (see our blog here).
On Tuesday, the White House cybersecurity coordinator posted a blog on the White House website describing incentives that may be made available to private sector “owners and operators.”
In the past week, both the White House and Senate have taken some notable steps on cybersecurity.
Draft FDA Guidance Recommends Cybersecurity Risk Assessments and Management Plans for Premarket Medical Device Submissions
The Food and Drug Administration (FDA) has announced the availability of a new draft guidance document entitled “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.”
FDA Seeks Enhanced Cybersecurity Risk Management Efforts, Including Premarket Submission Requirements, for Medical Device Manufacturers and Hospitals
Drawing on the increasing use of wireless, Internet- and network-connected medical devices, the Food and Drug Administration (“FDA” or “the Agency”) issued a draft guidance document for comment on June 14, 2013, proposing that manufacturers of medical devices that contain software, firmware, or programmable logic, address cybersecurity risks in premarket submissions.