On September 21, 2023, the Colorado Division of Insurance (the “Division”) released Regulation 10-1-1, Governance and Risk Management Framework Requirements for Life Insurers’ Use of External Consumer Data and Information…
As we approach the end of the year, here are the Top 10 SEC Cyber/AI posts on the Debevoise Data Blog in 2024 by page views. If you are not…
As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2024 by page views. If you are not already…
As we approach the end of the year, here are the Top 11 Artificial Intelligence (“AI”) posts on the Debevoise Data Blog in 2024 by page views. If you are…
On November 22, 2024, the California Privacy Protection Agency (the “CPPA”) opened the formal public comment period for its recently approved formal proposed rulemaking package for annual cybersecurity audits, automated…
On October 16, 2024, the New York Department of Financial Services (the “NYDFS”) issued an Industry Letter providing guidance on assessing cybersecurity risks associated with the use of AI (the…
When drafting policies on the use of artificial intelligence, one challenge that many businesses face is how to define AI, and relatedly, when should AI governance and compliance programs apply…
On May 16, 2024, the SEC adopted amendments to Regulation S-P (“Reg S-P”) one year after its proposed amendments (the “Proposed Amendments”). The finalized amendments (“Amended Reg S-P”) largely track…
Registered investment advisers (“RIAs”) have swiftly embraced AI for investment strategy, market research, portfolio management, trading, risk management, and operations. In response to the exploding use of AI across the…
On July 26, 2023, the SEC adopted long-anticipated final rules on cybersecurity risk management, strategy, governance and incident disclosure for issuers (“Final Rules”). We summarized the key obligations under the…