News & Analysis as of

Federal Information Security Modernization Act (FISMA)

Wiley Rein LLP

As Cyber Regulators Rush Toward New Rules, Shifting Foundations May Complicate Compliance

These days, cyber regulators are in a hurry. Commentators have observed, the “federal government is quietly directing a seismic shift in the economy” with new mandates. Anne Neuberger, Deputy National Security Advisor for...more

Paul Hastings LLP

CISA Proposes Sweeping Cybersecurity Incident Reporting for U.S. Companies

On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more

Paul Hastings LLP

NIST CSF 2.0 Goes Live

The National Institute of Standards and Technology released an updated version of its Cybersecurity Framework, CSF 2.0, earlier this week. The CSF, initially launched in 2014, is a tool developed by NIST to help private...more

Wiley Rein LLP

Important NDAA Provisions for Contractors and Their Supply Chains

On December 14, 2023, the House of Representatives passed the National Defense Authorization Act for Fiscal Year 2024 (NDAA), following the Senate’s passage a few days earlier. The President is expected to sign the NDAA into...more

Davis Wright Tremaine LLP

FedRAMP Updates 3PAO Standards for Cloud Service Provider Assessments

The Project Management Office (PMO) for the Federal Risk and Authorization Management Program (FedRAMP) has issued an updated version of FedRAMP's 3PAO Obligations and Performance Standards (3PAO Standards), which sets forth...more

Husch Blackwell LLP

FinCEN Shines Additional Light on the Corporate Transparency Act - FAQs and Summary Materials Now Available

Overview - Below is an update to our April 6, 2022, client alert discussing the proposed regulations for the Corporate Transparency Act (CTA) and our October 14, 2022, client alert discussing the CTA Final Regulations as...more

Rothwell, Figg, Ernst & Manbeck, P.C.

Learning From Data Breach Cases To Reduce Legal Risk

The average cost of a data breach is on the rise. According to the 2022 ForgeRock Consumer Identity Breach Report, the average cost in 2021 of recovering from a data breach in the U.S. is $9.5 million — an increase of 16%...more

Woods Rogers

New Notification Requirements for Critical Infrastructure

President Joe Biden recently signed into law the Cyber Incident Reporting For Critical Infrastructure Act of 2022. This new law updates the Federal Information Security Modernization Act (FISMA)...more

Fox Rothschild LLP

New Connecticut Law Incentivizes Adoption of Cybersecurity Standards

In July, Connecticut passed a largely unnoticed new law that followed in the footsteps of Ohio and Utah in limiting damages or creating affirmative defenses for businesses that experience a data breach after implementing a...more

Fox Rothschild LLP

To Avoid Punitive Damages for a Data Breach in Connecticut, You Need to Try

In Connecticut, if you adopt and maintain and comply with a written cybersecurity program that contains administrative, technical and physical safeguards for the protection of personal or restricted information and that...more

Hogan Lovells

Hold the punitive damages: Connecticut is latest to incentivize implementing cybersecurity frameworks

Connecticut’s new cybersecurity standards law, which goes into effect on October 1, 2021, protects companies from punitive damages in certain data breach actions where an organization has a cybersecurity program that conforms...more

ArentFox Schiff

Meet Connecticut's New Cybersecurity Law

Although the Connecticut legislature was not successful in passing a privacy law similar to those passed in California, Colorado and Virginia, on June 24, 2021, the “Act Incentivizing The Adoption Of Cybersecurity Standards...more

Reveal

You Need Only Two Letters Today to Keep Up with the “Alphabet Soup” of Compliance

Back in November, I wrote on this blog about Big Data being one of the challenges that is forcing technology to move more to the data sooner in the discovery process. One of the most notable fun facts that illustrate just how...more

Wiley Rein LLP

Challenges and Opportunities for the U.S. Department of Homeland Security’s Expanding Role in Government-Wide Procurement Policy

The U.S. Department of Homeland Security (DHS) has been central in federal cybersecurity policy for years, as an important non-regulatory body that convenes the private sector, works across agencies, and protects information...more

Robinson+Cole Data Privacy + Security Insider

SolarWinds Cyber-Attack Has Significant Implications for Developers and Contractors

ICYMI, on Wednesday, January 6, 2021, the United States Department of Justice (DOJ) issued an update about what it termed “a major incident under the Federal Information Security Modernization Act”: the global SolarWinds...more

Wiley Rein LLP

Tech and Government: Risk and Rewards Illustrated in Contracting Dispute Over Vulnerability Disclosure Program

Tech companies considering government business must anticipate risks, including from competitors. A forward-looking initiative from the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of...more

Mintz - Privacy & Cybersecurity Viewpoints

CARES Act Equity Stakes Could Require Complying with Exacting Federal Data Security and Privacy Obligations

The Coronavirus Aid, Relief and Economic Security (“CARES”) Act has created a flurry of far reaching considerations for affected businesses, ranging from tax, employment, and even telehealth. Beyond these issues, businesses...more

Jones Day

European Commission Takes Steps Toward More Aggressive Approach to EU Sanctions - The European Commission ("EC") has transferred...

The EU-wide sanctions program used to fall squarely within the responsibility of the EU High Representative for Foreign Affairs and Security ("EUHR"), currently Josep Borrell. Among the EUHR's responsibilities is the proposal...more

Dorsey & Whitney LLP

Software Provider and DOJ Reach $8.6M Settlement for FCA Case Involving Alleged Cyber Security Shortcomings

Amid increased public and government attention to cyber security, a qui tam plaintiff’s lawsuit has resulted in a large settlement for a government contractor’s purported misrepresentations regarding compliance with government...more

Robinson+Cole Data Privacy + Security Insider

HHS Information Security Program Deemed ‘Not Effective’

There was unfortunately some bleak news out of the Department of Health & Human Services (HHS) Office of the Inspector General (OIG) recently. The OIG recently released the results of a performance audit of the HHS’...more

Womble Bond Dickinson

Ohio Enacts First Cybersecurity Safe Harbor

Tacking an entirely new direction from other US states, Ohio has decided to offer defensive legal protection to businesses who have built a cybersecurity regime around well-known industry standards, even where those...more

Bass, Berry & Sims PLC

General Services Administration Announces Plans to Update Cybersecurity Requirements for Contractors

In mid-January, the General Services Administration (GSA) released their Semiannual Regulation Agenda. Within this agenda, GSA announced plans to update requirements in the General Services Administration Acquisition...more

Benesch

Ohio Proposes Act to Incentivize Consumer Data Security

Legislation was recently introduced in Ohio encouraging businesses to take steps in protecting consumer data. Ohio Senate Bill 220, The Data Protection Act (the “Act”), provides businesses that take certain commercially...more

Hogan Lovells

McDowell v. CGI Federal Inc.: A Stark Reminder to Government Contractors of their Cybersecurity Obligations

On June 1, 2017, the United States District Court for the District of Columbia issued a decision in a class action lawsuit, McDowell v. CGI Federal Inc., Civ. Action No. 15-1157 (GK) (D.D.C. 2017), which could have...more

Nossaman LLP

A Review of the OMB Guidelines Issued to Federal Agencies for Reporting Requirements to Congress That Redefined What Constitutes a...

With the growing threat of cyberattacks, we thought it would be worthwhile to discuss a late 2016 change in reporting requirements for federal agencies that have suffered a data breach. The Office of Management and Budget’s...more
