Cybersecurity Framework

News & Analysis as of

NIST and FAIR develop tool to merge cybersecurity risk standards

One key issue when developing a cybersecurity protocol for your business is ensuring compliance with industry standards to protect your business and adequately address cybersecurity risks. Fail to comply with the standard for...more

White House Directive Outlines Who to Call for Help with a Cyber Incident

Last week, the White House issued a new directive that outlines how the government handles significant cyber incidents, which gives the public information on which agency to call in the event of a cyber incident. We often get...more

House Committee Asks NIST To Improve Cybersecurity For Retailers, Internet Of Things

On June 7, 2016, the House of Representatives’ Committee on Appropriations (the “Committee”) reported out a funding bill that would fund the National Institute of Standards and Technology (“NIST”) to work with the retail...more

Raytheon/Ponemon survey confirms companies wait until an event to hire a data security vendor

The results of a Raytheon commissioned Ponemon study released on June 7, 2016 shows that at least two-thirds of businesses wait until they have experienced a cyber-attack or data breach to hire and retain security vendors to...more

NIST Framework Adoption Linked To Higher Security Confidence

A recent market survey of 338 IT and security professionals has revealed that adoption of the U.S. National Institute of Standard and Technology (“NIST”) Framework for Improving Critical Infrastructure Cybersecurity has led...more

New Guidance Maps HIPAA Security Rule to NIST Cybersecurity Framework to Help Providers Manage Cybersecurity Risk

In a world of looming data breaches and significant penalties for the release of protected health information, the complexities of cybersecurity and compliance with the HIPAA Security Rule can be incredibly daunting. In 2014,...more

Phase 2 of HIPAA Compliance Audits Now Underway

The Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services (DHHS) recently announced that it has initiated Phase 2 of its audit program to assess Covered Entities’ and Business Associate’s...more

Blog: HHS Releases Crosswalk Between HIPAA Security Rule and NIST Framework

The U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) recently released a “crosswalk” developed with the National Institute of Standards and Technology (NIST) mapping the Health Insurance...more

HHS Office For Civil Rights Releases A Crosswalk Between HIPAA Security Rule And NIST Cybersecurity Framework

At the end of February, the Department of Health and Human Services (“HHS”) released a table, called a “crosswalk,” that maps standards and implementation specifications of the Health Insurance Portability and Accountability...more

Capitalizing on Collaboration – The President’s Precision Medicine Initiative

Last week President Obama marked the one year anniversary of his Precision Medicine Initiative (“PMI”) by holding a web-accessible panel discussion where he and interested stakeholders discussed his PMI initiative, its...more

CFTC’s New Proposed Rules Mandate Extensive Cybersecurity Testing; Comments Due Feb. 22, 2016

On December 16, 2015, the Commodity Futures Trading Commission (“CFTC”) released two Notices of Proposed Rulemaking (“NPRMs” or “Proposed Rules”) that would, if finalized, supplement existing regulations covering the...more

FDIC "Framework for Cybersecurity" Highlights How Financial Institution Information Security Programs Can Better Respond to...

In February, 2016, the Division of Risk Management Supervision of the Federal Deposit Insurance Corporation (“FDIC”) published “A Framework for Cybersecurity.” The article provides a good “sanity check” for financial...more

Data Security in the Financial Industry: Five Key Developments to Keep An Eye on in 2016

According to a 2015 report on threats to the financial services sector, 41% of financial services organizations polled had experienced a data breach or failed a compliance audit in the previous year, and 57% listed preventing...more

FDA Issues Draft Guidance Governing Postmarket Cybersecurity Risk Management Standards

On January 15, 2016, the U.S. Food and Drug Administration (FDA) announced in a Press Release that it would issue draft guidance on January 22 outlining “steps medical device manufacturers should take to continually address...more

BIMCO issues cybersecurity guidelines for ships

Last week, BIMCO, along with other shipping organizations, “launched” guidelines “to help the global shipping industry prevent major safety, environmental and commercial issues that could result from a cyber incident on-board...more

Also In the News - Data, Privacy, & Security Practice Report - December 2015 #2

Harmonizing Cybersecurity And Trade Secret Protection – Many companies are investing heavily in cybersecurity and implementing a framework such as the Cybersecurity Framework from the National Institute of Standards and...more

China Passes (De) Encryption Cyber Law

On December 27, 2015, the Standing Committee of the National People's Congress, China's national legislative body, passed the Counter-Terrorism Law of China, which entered into force on January 1, 2016. Although the law's...more

Extension given to DOD contractors to comply with cybersecurity requirements

The U.S. Department of Defense (DOD) issued an interim rule on December 30, 2015 that extended the deadline for DOD contractors to comply with security requirements for protecting non-classified, but sensitive government...more

NAIC Adopts "Roadmap for Cybersecurity Consumer Protection"

On December 17, 2015, members of the National Association of Insurance Commissioners Executive Committee approved a revised version of its Cybersecurity Bill of Rights that includes a name change and the addition of an...more

Landmark Wyndham Settlement Provides Guidelines For Companies To Meet FTC’S Datasecurity Requirements

On December 9, Wyndham Hotels and Resorts (“Wyndham”) agreed to a landmark settlement with the Federal Trade Commission (“FTC”) stemming from the FTC’s lawsuit against it after three data breaches that occurred between 2008...more

NIST seeks comments on Cybersecurity Framework

The National Institute of Standards and Technology (NIST) developed and issued its voluntary “Framework for Improving Critical Infrastructure Cybersecurity” (Framework) in response to a 2013 Executive Order in February of...more

Cybersecurity and resiliency: The Financial Sector’s “New Frontier”

“The Internet has a dark side,” Deputy Treasury Secretary Sarah Bloom Raskin remarked while addressing senior level banking executives at this year’s Clearing House Annual Conference. Raskin focused her comments on malicious...more

EU Data Protection Reform: Political Agreement

The EU has reached political agreement on the Data Protection Reform package. This is the biggest change in EU data protection law for 20 years! ...more

EP agrees cybersecurity Directive

EP and the Luxembourg Presidency have agreed the text of the cybersecurity Directive, which should now be agreed by the COREPER on 18 December. ...more

Political Agreement Reached for New EU Data Protection Regulation—Official Adoption Around the Corner

On December 15, 2015, the European Parliament and the Council of the European Union (Council) reached a political agreement on the future EU data protection legal framework. This is a significant step towards adoption of the...more

175 Results
|
View per page
Page: of 7
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×