National Institute of Standards and Technology

News & Analysis as of

ALERT: NIST Issues Final Guidance on Federal Contractor Cybersecurity Standards for Controlled Unclassified Information

On June 19, 2015, the National Institute of Standards and Technology (NIST) published the final version of guidance for federal agencies to ensure sensitive information remains confidential when stored outside of federal...more

German Parliament's IT-Security Act Covers Critical Infrastructure

On June 12, 2015, the German Parliament (Deutscher Bundestag) passed an Act to Improve the Security of Information Technology Systems ("IT-Security Act"). The new legislation requires operators of so-called critical...more

Congressional Action Supports Improvement of Cybersecurity for Critical Infrastructure and Beyond

None of us in the United States – no family or individual, no industry or business, and no government agency – is immune from the potential devastation that cyber-attacks can wreak. No particular reminder is needed. Each day,...more

Another Prologue to Cybersecurity Regulations: Controlled Unclassified Information (“CUI”) – What Contractors Need to Know and Why...

Government contractors should take note of a proposed new rule that could impose significant new data storage obligations when finalized. The Federal Government is taking another baby-step towards cybersecurity regulation...more

Guidance for Incident Response Plans  

Organizations are preparing for data incidents and breaches by developing, updating, implementing, and testing incident response plans. This article provides a checklist of key components of an incident response...more

Quirky Question #260, Data breach incident response plans

Question: For data breach preparation, what guidance have federal and state regulators issued regarding incident response plans? Originally published on IRMI.com....more

Cloud Computing Contracts Top Issues for Healthcare Providers

In this Issue: - Summary - Overview - Cloud - Use - Security - Privacy - Functions - Availability - Performance - Location - Services -...more

Guidance for Incident Response Plans

Organizations are preparing for data incidents and breaches by developing, updating, implementing, and testing incident response plans. This article provides a checklist of key components of an incident response...more

Breaking Down the DOJ Cybersecurity Unit’s Guidance on Responding to Cyberattacks

Another federal agency has weighed in with “guidance” on cybersecurity preparation and breach response. The Department of Justice (DOJ) is the latest to issue guidance on how companies should respond to data breaches. The...more

Where Are We Now? The NIST Cybersecurity Framework One Year Later

The National Institute of Standards and Technology (NIST) released its Cybersecurity Framework (Framework) almost 15 months ago and charged critical infrastructure companies within the United States to improve their...more

SEC Releases Cybersecurity Guidance, Highlights Compliance Role

The SEC’s Division of Investment Management recently released cybersecurity guidance highlighting best practices and warning that cybersecurity breaches and deficiencies in cybersecurity programs could cause funds and...more

FCC Chairman Tom Wheeler Speaks about Cybersecurity at RSA Conference

As cyber week continues in Washington, Federal Communications Commission Chairman Tom Wheeler traveled to the west coast to speak about cybersecurity at the RSA Conference in San Francisco. Wheeler noted that the FCC has...more

Report Highlights Bank Vendor Cybersecurity Vulnerabilities

On April 9, the New York State Department of Financial Services (NYDFS) released a report on bank vendor cybersecurity that highlights the risk that hackers will use third-party service providers to gain access to bank data....more

Weekly Update Newsletter - April 2015 #2

GOVERNMENT CONTRACTS - NIST Issues Draft Requirements, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations - The National Institute of Standards and Technology...more

Privacy & Cybersecurity Update - March 2015

In This Issue: - Dismissal in P.F. Chang’s Data Breach Case Shows Challenge Plaintiffs Face in Such Actions - Eleventh Circuit Court of Appeals Decision Underscores the Need to Evaluate Insurance Programs for Cyber...more

Effective cybersecurity: 8 questions for you and your team

Cybersecurity has become a top-tier risk for US and multinational organizations. It is only a matter of time before a determined hacker will penetrate your organization’s system and successfully exfiltrate some data. (Indeed,...more

FCC Communications Security, Reliability, and Interoperability Council Working Group Issues Final Report on Cybersecurity Best...

A Federal Communications Commission (FCC) working group, Cybersecurity Risk Management and Best Practices Working Group 4 (WG4), of the Communications, Security, Reliability, and Interoperability Council (CSRIC) advisory...more

NIST Internet Of Things Framework Taking Shape

The National Institute of Standards and Technology (“NIST”) recently posted a preliminary discussion draft of its forthcoming Framework for Cyber-Physical Systems (a term used interchangeably with the Internet of Things, or...more

SEC Releases Results of Cybersecurity Exam Sweep

We’re a bit behind on this, but better (a little bit) late than never. Last month the SEC’s Office of Compliance, Inspections and Examinations released the first results of its Cybersecurity Examination Initiative, announced...more

Higher Ed Legal Update, March 2015

Colleges and universities across America have recognized that unmanned aerial vehicles (UASs) – also known as drones -- have broad academic applications. Indeed, the Federal Aviation Administration reports that of the 900...more

FTC Announces a New “Start with Security” Campaign

Yesterday, Federal Trade Commission (FTC) Chairwoman Edith Ramirez and FTC Bureau of Consumer Protection Director Jessica Rich announced that the FTC will begin a “Start with Security” campaign, through which the FTC will...more

PCI Security Standards Council Announces Revisions to the use of SSL

The Payment Card Industry (PCI) Security Standards Council has released a bulletin on impending revisions to version 3.0 Payment Application Data Security Standards (PA-DSS) and version 3.0 of the PCI Data Security Standard...more

What General Counsel Need To Know About The Latest Cybersecurity Developments

In the wake of reported security breaches at a number of significant financial institutions, cybersecurity is garnering more attention and concern than ever before — both within the financial services industry and among...more

NIST, White House Continue Efforts to Enhance Cybersecurity Awareness and Protections

The National Institute of Standards and Technology (NIST) and the White House continue efforts to improve private sector security and increase sharing of information about potential cybersecurity threats. ...more

Security Risks Posed by Mobile Apps: Do You Have a Vetting Process in Place?

As more organizations deploy mobile apps to facilitate their business processes, it is important that those organizations develop a specific app vetting process in order to mitigate the security risks that such apps can...more

188 Results
|
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×