Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the NIST Cybersecurity Framework 2.0 (CSF 2.0). CSF 2.0 represents the first major update to the Cybersecurity Framework, which was...more
The consequences of a cyber attack can be significant and wide-ranging for both an individual and a business – no matter how big or small. Cyber attacks can result in serious data breaches that lead to the theft or exposure...more
Often one of the benefits of working with a capable cyber risk broker or insurer is that the covered business has access to supplemental services ranging from security assessments to budget-priced post-incident legal support....more
In this edition of our Privacy and Cybersecurity Update, we take a look at the Trump administration's executive order outlining its cybersecurity plans, Acting FTC Chairwoman Maureen Ohlhausen's comments on the possible...more
In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more
There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more
Last week, the National Association of Insurance Commissioners (NAIC) hosted the 2016 NAIC International Insurance Forum. The Forum addressed topics such as the management of catastrophic disaster risks, industry perspectives...more
Legal Framework - Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws? The United States generally addresses cybersecurity...more
A company's board of directors has a duty to oversee all aspects of the company's risk management efforts. This includes a duty to recognize and minimize the company's exposure to cyber attacks. In today's increasingly...more
In This Issue: - Dismissal in P.F. Chang’s Data Breach Case Shows Challenge Plaintiffs Face in Such Actions - Eleventh Circuit Court of Appeals Decision Underscores the Need to Evaluate Insurance Programs for Cyber...more
On December 3, 2014, Sarah Raskin, Deputy Secretary of the U.S. Department of Treasury (Treasury), gave a speech before the Texas Banker’s Association Executive Leadership Cybersecurity Conference. Deputy Secretary Raskin’s...more
2013 likely will be considered a watershed period in the role of cybersecurity in corporate strategy and management. While there were few significant legislative developments, a marked increase in cybersecurity attacks...more
On October 22, the National Institute of Standards and Technology (NIST) released its long-anticipated Preliminary Cybersecurity Framework for public review and comment. The Cybersecurity Framework was issued in accordance...more
How should business leaders respond to President Obama's executive order calling for a cybersecurity framework to protect the nation's critical infrastructure? Culled from law firm analysis on JD Supra, here's an answer to...more