Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule.
The Department of Homeland Security has the authority to issue subpoenas and even penalties...more
4/10/2024
/ Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Enforcement Actions ,
New Rules ,
NPRM ,
Popular ,
Proposed Regulation ,
Ransomware ,
Reporting Requirements ,
Risk Management
The Federal Communications Commission (FCC) has created a baseline for wireless consumer IoT products to protect against cybersecurity threats.
The voluntary program uses criteria established by the National Institute of...more
In recent guidance, the Department of Justice made clear that it will very rarely grant an extension of registrants’ deadline to disclose material cybersecurity incidents under the SEC’s Final Rules.
Under the Securities and...more
1/15/2024
/ Cybersecurity ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Fraud ,
Internal Controls ,
National Security ,
New Rules ,
Popular ,
Regulation S-K ,
Securities and Exchange Commission (SEC) ,
SolarWinds ,
Vulnerability Assessments
In the United States, the CRI pledge would only limit payments by the federal government, not state and local governments nor private-sector entities.
The International Counter Ransomware Initiative (CRI) convened in...more
Although that new smart refrigerator might seem like a fun gadget and great way to sync up grocery lists, smart appliances have the potential to become vectors in malicious power grid attacks. Or what about the increasingly...more
Artificial intelligence wins big in President Biden’s FY 2024 budget request with billions in new funding proposed for AI-related research, hardware, software and services at the departments of Defense, Energy, Homeland...more
5/8/2023
/ Artificial Intelligence ,
Biden Administration ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Energy (DOE) ,
Department of Health and Human Services (HHS) ,
Department of Homeland Security (DHS) ,
Department of Transportation (DOT) ,
Enforcement ,
Federal Budget ,
Federal Trade Commission (FTC) ,
National Science Foundation ,
Popular ,
Regulatory Oversight
The SEC has nearly doubled the size of its Crypto Assets and Cyber Unit and has aggressively pursued cyber-related enforcement actions against public companies and regulated entities.
In a few months the SEC will finalize...more
2/6/2023
/ Cryptoassets ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement ,
Investigations ,
Investment Adviser ,
Popular ,
Proposed Rules ,
Publicly-Traded Companies ,
Regulation S-K ,
Risk Assessment ,
Securities and Exchange Commission (SEC) ,
SolarWinds
The SAFETY Act, a liability management program managed by the Department of Homeland Security, can be used by businesses to limit or eliminate potential liability associated with ransomware attacks.
To take advantage of...more
Providers of sports betting services must ensure that their cybersecurity protocols and data privacy policies adequately protect their systems and users.
Since the Supreme Court struck down the federal ban on sports gambling...more
5/11/2022
/ Casinos ,
Cyber Attacks ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Incident Response Plans ,
Murphy v National Collegiate Athletic Association ,
Online Gaming ,
Policies and Procedures ,
Popular ,
Risk Management ,
SCOTUS ,
Sensitive Personal Information ,
Sports Betting ,
Sports Gambling
The SEC’s recent enforcement actions, public statements and proposed rulemaking indicate that cybersecurity will be an area of heightened focus for the Gensler Commission.
New proposed rules would require public companies...more
3/30/2022
/ Broker-Dealer ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Enforcement Actions ,
Investment Adviser ,
National Security ,
Popular ,
Proposed Rules ,
Rulemaking Process ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act
DOJ launches new initiative that promises to use the False Claims Act to combat cybersecurity threats by targeting government contractors who knowingly fail to comply with cybersecurity protocols.
The Civil Cyber-Fraud...more
10/26/2021
/ Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Justice (DOJ) ,
Executive Orders ,
False Claims Act (FCA) ,
Federal Contractors ,
Federal Grants ,
Fraud ,
Joe Biden ,
Popular ,
Safeguards Rule ,
Whistleblower Protection Policies
The legislation would require all federal contractors to report potential and actual cybersecurity incidents to the Department of Homeland Security.
The Act would impose a 24-hour reporting requirement on federal...more
7/28/2021
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Federal Contractors ,
FOIA ,
General Services Administration (GSA) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Penalties ,
Popular ,
Proposed Legislation ,
Reporting Requirements
The President’s new Executive Order on Improving the Nation’s Cybersecurity includes wide-ranging measures intended to strengthen security standards for the federal government and federal government contractors in response to...more
5/20/2021
/ Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
DFARS ,
Encryption ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
FedRAMP ,
Joe Biden ,
Multi-Factor Authentication ,
National Security Agency (NSA) ,
NIST ,
OMB ,
Popular ,
Ransomware ,
Software ,
Supply Chain
The incoming Biden Administration promises a more nationalized approach to combatting the COVID-19 public health crisis, plus a large economic stimulus response focused on unemployment, paid leave, state and local government...more
11/12/2020
/ Biden Administration ,
Biomedical Advanced Research and Development Authority (BARDA) ,
Coronavirus/COVID-19 ,
Corporate Counsel ,
Economic Stimulus ,
Food and Drug Administration (FDA) ,
Healthcare ,
Healthcare Workers ,
Masks ,
National Institute of Health (NIH) ,
Paid Leave ,
Personal Protective Equipment ,
Popular ,
Public Health Emergency ,
Public Schools ,
Small Business ,
State and Local Government ,
Telemedicine ,
Unemployment Benefits ,
Virus Testing ,
World Health Organization
President-Elect Biden won a mandate to bring normalcy back to government and to seek bipartisan compromise where possible.
The makeup of the U.S. Senate may limit the Biden Administration’s ability to deliver its most...more
11/10/2020
/ Biden Administration ,
Coronavirus/COVID-19 ,
Education Reform ,
Energy Sector ,
Environmental Policies ,
Ethics ,
Executive Powers ,
Financial Services Industry ,
Foreign Policy ,
Gig Economy ,
Healthcare Reform ,
Infrastructure ,
Political Campaigns ,
Popular ,
Social Media Policy ,
Tax Reform ,
Trade Policy
In this election cycle, technology and internet policy is a persistent factor across multiple issue areas. With implications for national security, economic equality, infrastructure and market regulation, the next...more
11/4/2020
/ California Consumer Privacy Act (CCPA) ,
China ,
Communications Decency Act ,
Data Privacy ,
Data Protection ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
Donald Trump ,
Fair Labor Standards Act (FLSA) ,
FCC ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Gig Economy ,
Internet ,
Joe Biden ,
PACT Act ,
Popular ,
Remote Learning ,
Research and Development ,
SHIELD Act ,
Standard Contractual Clauses ,
Telehealth
Creation of a new rapid response team signals regulators may turn today’s cyber examination priorities into tomorrow’s enforcement priorities.
The Securities and Exchange Commission, New York State Department of Financial...more
8/18/2020
/ Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Department of Homeland Security (DHS) ,
Digital Assets ,
EDGAR ,
FBI ,
First American Title Insurance Co. ,
IRS ,
NYDFS ,
OCIE ,
Popular ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Twitter
Transitioning the American workforce to telework presents a heightened risk of cybercrime and new challenges for businesses to protect sensitive data.
Mandatory “stay-at-home” orders have forced many businesses to rely on...more
Practical steps to address cybersecurity threats—precautions to prepare for the possible system impacts from COVID-19.
Organizations preparing for COVID-19 are testing and implementing business continuity plans to address...more
3/10/2020
/ Business Continuity Plans ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Protection ,
Infectious Diseases ,
Phishing Scams ,
Popular ,
Public Health ,
Remote Working ,
Risk Management ,
Telecommuting
Practical steps to address cybersecurity threats—what you should do when heightened tension in the Middle East or other events increase the threat of cybersecurity incidents.
- When news events or business initiatives turn...more
1/24/2020
/ Best Practices ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Information Technology ,
Policies and Procedures ,
Popular ,
Risk Mitigation ,
SHIELD Act
New cybersecurity and data privacy laws will impose substantial new obligations on businesses that collect information about residents of those states.
Regardless of their location or size, nonprofit organizations that...more
New law in New York State extends requirements on companies doing business with New York residents to have cybersecurity programs and expands New York’s breach notification requirements.
New law extends the reach of New...more
Financial institutions regulated by the New York Department of Financial Services (DFS)—referred to in this post as “Covered Entities”—should by now be well familiar with the department’s sweeping cybersecurity regulation, 23...more
The 2018 Midterm Election played out as most poll forecasters speculated. Although several races have yet to be decided, Republicans have retained control of the Senate, but lost at least 29 seats, allowing the Democrats to...more
11/8/2018
/ Corporate Counsel ,
Critical Infrastructure Sectors ,
Cross-Border ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Department of Transportation (DOT) ,
Deregulation ,
Energy Sector ,
Environmental Policies ,
Financial Services Industry ,
Food and Drug Administration (FDA) ,
Healthcare ,
Legislative Agendas ,
Popular ,
State and Local Government ,
Tax Reform ,
Trade Relations ,
Trump Administration
Takeaways
- Companies that suffer cyberattacks can expect not sympathy but scrutiny from legal authorities.
- D&O insurance can cover not only litigation but also investigation costs.
- Strategic negotiation of...more
9/22/2017
/ Attorney General ,
Civil Investigation Demand ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
D&O Insurance ,
Data Breach ,
Data Privacy ,
Derivative Suit ,
Errors and Omissions Policy ,
Government Investigations ,
Internal Investigations ,
Legal Costs ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
Risk Mitigation ,
Shareholder Litigation ,
Subpoenas ,
Unfair or Deceptive Trade Practices