Cybersecurity regulation and best practice in the US and UK
Produced in partnership with Jennifer Archie, Lore Leitner and Alexander Stout of Latham and Watkins LLP

The following Financial Services practice note produced in partnership with Jennifer Archie, Lore Leitner and Alexander Stout of Latham and Watkins LLP provides comprehensive and up to date legal information covering:

  • Cybersecurity regulation and best practice in the US and UK
  • Introduction to cybersecurity in financial services firms
  • Evolving regulatory regime/enforcement
  • Data regulation and enforcement climate in the UK—protecting customer data from disruption, hacks and thefts
  • Regulatory developments in the UK
  • Regulation in the US
  • Being prepared to respond to major attacks
  • Risk assessments
  • Governance—pre-staging breach prevention and response expertise
  • Vendor selection and supervision
  • More...

Cybersecurity regulation and best practice in the US and UK

BREXIT: 11pm (GMT) on 31 December 2020 (‘IP completion day’) marked the end of the Brexit transition/implementation period entered into following the UK’s withdrawal from the EU. Following IP completion day, key transitional arrangements come to an end and significant changes begin to take effect across the UK’s legal regime. This document contains guidance on subjects impacted by these changes. Before continuing your research, see: Brexit and financial services: materials on the post-Brexit UK/EU regulatory regime.

Introduction to cybersecurity in financial services firms

In the wake of continued escalations in phishing and denial of service attacks against banks and other financial institutions, financial services firms face a rapidly evolving threat and government regulatory climate. Regulators in the United States have stepped up oversight and expectations for multiple layers of security and obligations to notify national regulators of significant cyber attacks or data breaches. In the United Kingdom, more than 80% of UK companies suffered a security breach in 2014, according to the Government Communications Headquarters (GCHQ), a British intelligence agency. PricewaterhouseCoopers has reported that the total number of worldwide security incidents climbed to 42.8m in 2015, a 48% rise from 2013. The compound annual growth rate of security incidents has increased 66% year-on-year since 2009. The Ponemon Institute estimates that, on average in the 2015 financial year, each data breach

Popular documents