“Overall, 2023 met if not exceeded our expectations for the evolution of the cybersecurity regulatory space,” says Caleb Skeath, a data privacy and cybersecurity partner at Covington & Burling LLP. Anticipating continued momentum, the SEC eyes enhanced cybersecurity standards for various market participants, while the Cybersecurity and Infrastructure Agency prepares to unveil rules for vital infrastructure operators.
The FTC, with its “creative aggressiveness,” is expected to push boundaries in privacy and data security activities, creating new obligations. As the regulatory saga unfolds, 2024 promises to be a thrilling chapter in the ever-evolving landscape of cybersecurity and privacy policies.