Cybersecurity National Institute of Standards and Technology

Cybersecurity is a term used to describe methods and systems for protecting sensitive information in the electronic sphere. As more financial, business, and personal information becomes exclusively maintained and... more +
Cybersecurity is a term used to describe methods and systems for protecting sensitive information in the electronic sphere. As more financial, business, and personal information becomes exclusively maintained and stored electronically, the risks of attacks, leaks, and disclosures become more pronouced. The concept of Cybersecurity encompasses a broad array of issues, including governmental regulations to ward off cyber terrorists, industry data collection and maintenance practices, and consumer advocacy to ensure the privacy of individuals' personal and medical information.     less -
News & Analysis as of

September Privacy and Security Updates

Although National Cyber Security Month isn’t until October, September has brought plenty of privacy and security updates that health care companies need to be aware of. In this post, we review guidance from the Office for...more

Advertising Law - September 2016 #2

FTC Gives Academic Journals a Failing Grade - The Federal Trade Commission recently filed suit against the publisher of online academic journals that the agency accused of deceiving academics and researchers. OMICS...more

Report Suggests Organizations Still Vulnerable to Credential Management and Network Segmentation Attacks

The Multi-State Information Sharing and Analysis Center (MS-ISAC) published its 2016 mid-year review on August 22, 2016, highlighting large incidents of malware infections, with particular emphasis on ransomware and click...more

FFIEC Provides Concrete Guidance on Setting Up Information Security Programs

The Federal Financial Institutions Examination Council (FFIEC)—the interagency body tasked with setting uniform principals and standards for the examination of financial institutions by federal prudential regulators,...more

FTC Round-Up: NIST Framework Compliance Is Not Enough and Looming Ransomware Enforcement Activity

On August 31st and September 7th, 2016, the Federal Trade Commission (FTC) provided guidance regarding cybersecurity standards, which companies should consider when assessing their current data security posture....more

FTC Makes Clear that NIST Cyber Framework is Not a Cure-All

Last week, the FTC published a blog post titled The NIST Cybersecurity Framework and the FTC, in which the agency issued a nuanced answer to an oft-asked question: “If I comply with the NIST Cybersecurity Framework, am I...more

NAIC Releases Draft of Revised Insurance Data Security Model Law for Review

The National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force released a revised draft of the Insurance Data Security Model Law (Model Law) last week. The Model Law’s goal is to “establish exclusive...more

NAIC Released Revised Insurance Data Security Model Law Draft For Review

The National Association of Insurance Commissioners (NAIC) Cybersecurity Task Force released a revised draft of the Insurance Data Security Model Law (Model Law) last week. The Model Law’s goal is to “establish exclusive...more

Want to Weigh In On Cyber Issues? Here's How.

Do you feel that the federal government doesn’t listen? Or at least not to you? Well, here is the opportunity to have your voice heard, albeit just on cybersecurity....more

NAIC Task Force Releases Revised Draft Insurance Data Security Model Law

On August 17, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) released for comment a revised draft Insurance Data Security Model Law (the Model Law). This Model...more

Healthcare Records Held Hostage: When ransomware attacks

Imagine for a moment that your hospital or physician practice suddenly cannot access its electronic medical records. There hasn’t been a natural disaster. No, instead you are inexplicably staring at a computer screen from an...more

NIST and FAIR develop tool to merge cybersecurity risk standards

One key issue when developing a cybersecurity protocol for your business is ensuring compliance with industry standards to protect your business and adequately address cybersecurity risks. Fail to comply with the standard for...more

Automotive Industry Organization Releases Recommended Cybersecurity Best Practices

Auto-ISAC is not alone in its efforts to address potential cybersecurity risks imposed by connected vehicles. As we have previously discussed, in 2015 legislators introduced the SPY Car Act, which requires automakers to meet...more

House Committee Asks NIST To Improve Cybersecurity For Retailers, Internet Of Things

On June 7, 2016, the House of Representatives’ Committee on Appropriations (the “Committee”) reported out a funding bill that would fund the National Institute of Standards and Technology (“NIST”) to work with the retail...more

DSS Revises Cybersecurity Requirements for Contractors Handling Classified Information

On May 18, 2016, Department Security Service (DSS) recently approved Change 2 (Change 2) to the National Industrial Security Program Operating Manual (NISPOM). Change 2 significantly revised Chapter 8 of the NISPOM relating...more

Coming to a Government Contract Near You: Mandatory Information Safeguarding Requirements

The government recently finalized a sweeping amendment to the Federal Acquisition Regulation (“FAR”) that will impose basic information system safeguarding requirements on many federal acquisitions, marking the latest in the...more

NAIC Task Force Continues Work on Insurance Data Security Model Law

On May 24 and 25, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) hosted a meeting in which state insurance commissioners and interested parties were invited to...more

IAIS Secretary General Considers Path to International Cybersecurity Standard

Last week, the National Association of Insurance Commissioners (NAIC) hosted the 2016 NAIC International Insurance Forum. The Forum addressed topics such as the management of catastrophic disaster risks, industry perspectives...more

A New Cybersecurity Regime and a New Regulation to Mandate Secure Information Systems for Government Contractors

Congress has enacted a recent wave of legislation to address ongoing cybersecurity threats; the Executive Branch, on May 12, 2016, adopted new cybersecurity regulations; and other Federal initiatives are underway and will...more

FAR Information System Security Standards Rules Finalized

The U.S. federal government announced on May 16, 2016, new Federal Acquisition Regulation (FAR) rules that set high-level standards for the basic safeguarding of contractor information systems that process, store or transmit...more

Cybersecurity, Boards and Cyber-Board "Experts": Caution Should Rule

A continuing frequent question from public companies is how a board should be constituted to oversee cybersecurity. Many public companies foist this additional burden on the audit committee. Those large enough to have a...more

Preparing Your Organization Today to Win Its Future (Possibly Inevitable) Cyber Lawsuit: Making Crown Jewels Out of Paper

One day in the not too distant future, your organization may be fighting to protect its balance sheet against high-stakes claims in a cyber tort trial. Arrayed against you will be the best of the class action plaintiff’s...more

How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit Initiative

Cybersecurity Impacts on HIPAA Security Compliance and the New Audit Initiative - New Audit Initiative Items to Watch - While The HHS Office for Civil Rights recently announced its intent to perform a second...more

Cyber Security IMPOSSIBLE: California AG Decides a Ceiling is a Floor

We all know why selecting appropriate data security standards is difficult. No two business are the same. Different businesses have different assets to protect and different bank accounts to tap. Different sized businesses...more

Fiduciary Regulation and How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit...

Fiduciary Regulation - The Office of Management and Budget released the final Fiduciary or Conflict of Interest regulation and related prohibited transaction exemption modifications from its review today. The next...more

252 Results
|
View per page
Page: of 11
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×