News & Analysis as of

Cybersecurity National Institute of Standards and Technology Compliance

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Bradley Arant Boult Cummings LLP

Government Contractors Beware: DOJ Pursuing Cybersecurity Failures Under the False Claims Act

Bradley Arant Boult Cummings LLP on

The U.S. Department of Justice (DOJ) filed its first major complaint-in-intervention under the False Claims Act (FCA) premised on a government contractor’s alleged cybersecurity deficiencies since the DOJ’s Civil Cyber-Fraud...more

Pillsbury Winthrop Shaw Pittman LLP

U.S. Government Intervenes in Georgia Tech Cybersecurity False Claims Case

Pillsbury Winthrop Shaw Pittman LLP on

The Georgia Tech case serves as yet another reminder of the importance of contractor compliance with cybersecurity requirements in federal contracts. The Government alleges that Georgia Tech failed to comply with the...more

Alston & Bird

Justice Department Intervention in Cyber False Claims Act Case Signals Escalation of Risk for Government Contractors

Alston & Bird on

An unprecedented cyber qui tam action involving Georgia Tech’s alleged failure to comply with certain cybersecurity controls underscores the importance of having advanced cyber requirements for federal contractors. Our...more

Alston & Bird

Department of Justice Intervenes in Cybersecurity Qui Tam Action Against Georgia Tech

Alston & Bird on

On Thursday, August 22, 2024, the United States Department of Justice (“DOJ”) filed a Complaint-In-Intervention in the case of United States of America ex rel. Christopher Craig and Kyle Koza, v. Georgia Tech Research Corp....more

Holland & Knight LLP

DOJ Brings Suit Against University Under Its Civil Cyber-Fraud Initiative

Holland & Knight LLP on

Late last week, the U.S. Department of Justice (DOJ) filed its complaint-in-intervention in a qui tam lawsuit against the Georgia Institute of Technology (Georgia Tech), alleging that the university failed to meet certain...more

Wiley Rein LLP

Policy Patches: An Update on Software Security Regulation

Wiley Rein LLP on

So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more

Mayer Brown

US DoD Issues Class Deviation Delaying DFARS Implementation of Upcoming NIST SP 800-171, Revision 3

Mayer Brown on

On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. The deviation relates to contractors’ compliance with...more

The Volkov Law Group

NIST Adopts New 2.0 Cybersecurity Framework

The Volkov Law Group on

In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws.  The National Institute of Standards and Technology (“NIST”)...more

Bass, Berry & Sims PLC

The United States Intervenes in its First False Claims Act Cybersecurity Case

Bass, Berry & Sims PLC on

The United States notified the U.S. District Court for the Northern District of Georgia that it plans to intervene in a False Claims Act case filed against Georgia Tech Research Corporation (Georgia Tech) by its Associate...more

Mintz - Health Care Viewpoints

HHS Health Care Cybersecurity Performance Goals: Proposed Incentives, Penalties and Compliance Standards

Mintz - Health Care Viewpoints on

As promised in the U.S. Department of Health and Human Services (HHS) concept paper in December 2023, the agency published voluntary health care and public health cybersecurity performance goals (HPH CPGs) in January 2024 and...more

Epstein Becker & Green

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

Oberheiden P.C.

Defense Department Looks to Update DFARS Cybersecurity Compliance Requirements

Oberheiden P.C. on

Over the holidays, the U.S. Department of Defense (DoD) issued proposed rules for updating its Cybersecurity Maturity Model Certification (CMMC) program from its existing Defense Acquisition Regulatory Supplement (DFARS)...more

BakerHostetler

HHS Publishes ‘Voluntary’ Healthcare Cybersecurity Performance Goals in Record Time but Leaves Questions Unanswered

BakerHostetler on

As previously reported in this blog, on Dec. 6, 2023, the Department of Health and Human Services (HHS or the Department) released a “concept paper,” which laid out its vision of future action regarding healthcare...more

Holland & Knight LLP

Department of Defense Releases Long-Awaited CMMC Proposed Rule

Holland & Knight LLP on

Two years after announcing the second iteration of the U.S. Department of Defense's (DoD) Cybersecurity Maturity Model Certification (CMMC) program, the DoD released its proposed rule that, if adopted, will implement the...more

Society of Corporate Compliance and Ethics...

[Webinar] What’s all the fuss about CMMC? - November 29th, 12:00 pm - 1:30 pm CT

Society of Corporate Compliance and Ethics... on

Learning Objectives - What is CMMC and should I care? - Cybersecurity is crucial for compliance in any company - Is NIST 800-171 (The CMMC Framework) worth employing? - Thoughts and observations from the field...more

Fenwick & West LLP

Key Provisions and Impacts of Biden’s Executive Order on AI Regulation and Development

Fenwick & West LLP on

On October 30, 2023, the Biden administration issued a sweeping Executive Order on the Safe, Secure and Trustworthy Development and Use of Artificial Intelligence (the “Executive Order”), which ambitiously directs the...more

Baker Donelson

Show Your Work: The SEC Cyber Rules and Documenting Materiality Analysis Under NIST FIPS 199

Baker Donelson on

The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - August 2023

Skadden, Arps, Slate, Meagher & Flom LLP on

In this month’s Privacy & Cybersecurity Update, we analyze the Biden administration’s proposed cybersecurity labeling program for smart devices, NIST’s extensive overhaul of its cybersecurity framework, and data privacy law...more

Husch Blackwell LLP

Twelve Planning Tips to Avoid Complications with the SEC’s Cybersecurity Disclosure Rules: Part I

Husch Blackwell LLP on

Key Point: To avoid inadvertently increasing enforcement and litigation risks, companies should consider these suggestions to minimize headaches with the SEC’s final rules that mandate (a) disclosures in annual report of...more

Dunlap Bennett & Ludwig PLLC

The Role Of A Cybersecurity Law Firm In Safeguarding Digital Assets

Dunlap Bennett & Ludwig PLLC on

In today’s digital landscape, organizations face numerous cybersecurity threats that can compromise their valuable digital assets, including their data, IT infrastructure, networks, software, and intellectual property (IP)....more

Thomas Fox - Compliance Evangelist

Travis Howerton on Automating Security & Compliance

Thomas Fox - Compliance Evangelist on

Automation in the compliance arena is becoming increasingly ubiquitous. Yet many of the most significant innovations for automation are not found in the anti-bribery/anti-corruption space but in adjacent spaces. That message...more

Foley & Lardner LLP

HIPAA Breaches and Compliance: Key Findings & Lessons Learned from OCR’s Reports to Congress

Foley & Lardner LLP on

The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently submitted two annual reports to Congress setting forth a summary of complaints and breaches reported to the OCR during...more

Ankura

When Did You Last Test Your Cyber Incident Response Plan?

Ankura on

A cyber incident response plan is a set of guidelines and protocols designed to help an organization detect, respond, contain, and manage any form of a cybersecurity breach. It outlines how best to safeguard the organization...more

Reveal

Data Compliance: What You Need to Know in 2023

Reveal on

Data plays a central role in the operations of nearly every industry today. Along with the increase in the volume of corporate data that exists, we’ve seen an increase in the number of laws and regulations protecting...more

59 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide