A May 1, 2023, Legaltech News article about federal cybersecurity oversight quotes Partner Andreas Kaltsounis about changes agencies are making to their notification requirements.
According to “As Lines Blur Between Privacy and Security, Companies Face ‘Landmines Ahead,’” one change involves the Federal Deposit Insurance Corporation (FDIC), which now says organizations must inform the agency within 36 hours of an incident. This is a “big change” and far less reasonable than the previous timeline, Kaltsounis told the publication. Such developments show that federal agencies are becoming more aggressive in enforcement, he said.
Read the article.