Photo of Joseph Garmon

Mr. Garmon is an associate in Davis Polk’s Litigation Department. His practice focuses on civil litigation, white collar defense and cybersecurity regulatory and compliance issues.

During congressional hearings earlier this month, senators grilled Richard Smith, the former Equifax CEO, on the company’s reporting structure for cybersecurity; specifically, on the appropriateness of Equifax’s CISO reporting to the general counsel.  This has caused several companies to question their own reporting structures for cybersecurity issues.  So what is
Continue Reading

Today marks the first deadline for entities regulated by the New York Department of Financial Services (“NYDFS”) to comply with certain provisions of the recent NYDFS cybersecurity rules.  The NYDFS cybersecurity rules taking effect is a significant event for NYDFS-regulated entities, and for any company facing cybersecurity concerns.  The
Continue Reading

With about a month to go until the first set of NYDFS’s cybersecurity rules go into effect (on August 28, 2017), we are proud to announce the formal launch of the Davis Polk Cyber Blog.  The blog will help you keep pace with industry best practices and be aware
Continue Reading

When the New York Department of Financial Services (“NYDFS”) issued its new cybersecurity rules in March, one question came up frequently:  When are covered entities required to report an unsuccessful cyber attack?  The rules provide that notification must be made to the NYDFS within 72 hours from a determination that
Continue Reading