National Institute of Standards and Technology Cybersecurity

News & Analysis as of

NIST releases draft guide for use of mobile devices for medical providers

The National Institute of Standards and Technology (NIST) cybersecurity center released a draft guide last week for health IT professionals to use to bolster security for the use of mobile devices in the health care industry....more

Cyber Risk Governance in the Digital Age

It has taken a while for companies to realize the value of digital assets, and it is also taking a while for companies to digest the significance of digital risks. In the digital economy, virtually all aspects of business...more

Higher Education Institutions Increasingly Falling Victim to Cyberattacks

Higher education institutions are treasure troves for hackers. Colleges and universities are huge repositories of research data, sensitive information for large populations of applicants and enrolled students (personal,...more

FERC, NERC and Business Blackout: New CIP Standards and Fictional Cyber Attacks

The Federal Energy Regulatory Commission (FERC) issued a Notice of Proposed Rulemaking (NOPR) July 16, 2015, proposing to approve various Critical Infrastructure Protection (CIP) reliability standards proposed by the North...more

DOJ Cracks Down on Cyber Criminals

The Department of Justice (DOJ) recently announced the largest coordinated international law enforcement effort ever directed at an online cyber-criminal forum. Financial institutions and other companies should consider...more

Actions Foreshadow Uniform Cybersecurity Regulations for Federal Contractors - Two Recent Executive Agency Actions Lay the...

Federal government contractors handling Controlled Unclassified Information (CUI) should take notice of two recent executive agency actions. Combined, they lay the groundwork for a new cybersecurity clause to be added to the...more

FFIEC Cybersecurity Assessment Tool: Not Just For Financial Institutions

On June 30, 2015, the Federal Financial Institutions Examination Council (FFIEC) released its long anticipated Cybersecurity Assessment Tool (press release here). The FFIEC is a formal interagency organization empowered to...more

FFIEC’s Cybersecurity Assessment Tool: Guidance for CEOs and Boards - Senior Management and Boards Should Be Actively Addressing...

The Federal Financial Institutions Examination Council (FFIEC) released a Cybersecurity Assessment Tool (CAT) on June 30, 2015, to assist organizations in identifying cyber risks and assessing their cybersecurity...more

FFIEC’s Cybersecurity Assessment Tool: Guidance for CEOs and Boards - Senior Management and Boards Should Be Actively Addressing...

The Federal Financial Institutions Examination Council (FFIEC) released a Cybersecurity Assessment Tool (CAT) on June 30, 2015, to assist organizations in identifying cyber risks and assessing their cybersecurity...more

Cyber risk: Why cyber security is important - We live in an increasingly networked world, from personal banking to government...

Cyber risk is now firmly at the top of the international agenda as high-profile breaches raise fears that hack attacks and other security failures could endanger the global economy. The Global Risks 2015 report,...more

ALERT: NIST Issues Final Guidance on Federal Contractor Cybersecurity Standards for Controlled Unclassified Information

On June 19, 2015, the National Institute of Standards and Technology (NIST) published the final version of guidance for federal agencies to ensure sensitive information remains confidential when stored outside of federal...more

German Parliament's IT-Security Act Covers Critical Infrastructure

On June 12, 2015, the German Parliament (Deutscher Bundestag) passed an Act to Improve the Security of Information Technology Systems ("IT-Security Act"). The new legislation requires operators of so-called critical...more

Congressional Action Supports Improvement of Cybersecurity for Critical Infrastructure and Beyond

None of us in the United States – no family or individual, no industry or business, and no government agency – is immune from the potential devastation that cyber-attacks can wreak. No particular reminder is needed. Each day,...more

Another Prologue to Cybersecurity Regulations: Controlled Unclassified Information (“CUI”) – What Contractors Need to Know and Why...

Government contractors should take note of a proposed new rule that could impose significant new data storage obligations when finalized. The Federal Government is taking another baby-step towards cybersecurity regulation...more

Guidance for Incident Response Plans

Organizations are preparing for data incidents and breaches by developing, updating, implementing, and testing incident response plans. This article provides a checklist of key components of an incident response...more

Breaking Down the DOJ Cybersecurity Unit’s Guidance on Responding to Cyberattacks

Another federal agency has weighed in with “guidance” on cybersecurity preparation and breach response. The Department of Justice (DOJ) is the latest to issue guidance on how companies should respond to data breaches. The...more

Where Are We Now? The NIST Cybersecurity Framework One Year Later

The National Institute of Standards and Technology (NIST) released its Cybersecurity Framework (Framework) almost 15 months ago and charged critical infrastructure companies within the United States to improve their...more

SEC Releases Cybersecurity Guidance, Highlights Compliance Role

The SEC’s Division of Investment Management recently released cybersecurity guidance highlighting best practices and warning that cybersecurity breaches and deficiencies in cybersecurity programs could cause funds and...more

FCC Chairman Tom Wheeler Speaks about Cybersecurity at RSA Conference

As cyber week continues in Washington, Federal Communications Commission Chairman Tom Wheeler traveled to the west coast to speak about cybersecurity at the RSA Conference in San Francisco. Wheeler noted that the FCC has...more

Report Highlights Bank Vendor Cybersecurity Vulnerabilities

On April 9, the New York State Department of Financial Services (NYDFS) released a report on bank vendor cybersecurity that highlights the risk that hackers will use third-party service providers to gain access to bank data....more

Privacy & Cybersecurity Update - March 2015

In This Issue: - Dismissal in P.F. Chang’s Data Breach Case Shows Challenge Plaintiffs Face in Such Actions - Eleventh Circuit Court of Appeals Decision Underscores the Need to Evaluate Insurance Programs for Cyber...more

Effective cybersecurity: 8 questions for you and your team

Cybersecurity has become a top-tier risk for US and multinational organizations. It is only a matter of time before a determined hacker will penetrate your organization’s system and successfully exfiltrate some data. (Indeed,...more

FCC Communications Security, Reliability, and Interoperability Council Working Group Issues Final Report on Cybersecurity Best...

A Federal Communications Commission (FCC) working group, Cybersecurity Risk Management and Best Practices Working Group 4 (WG4), of the Communications, Security, Reliability, and Interoperability Council (CSRIC) advisory...more

SEC Releases Results of Cybersecurity Exam Sweep

We’re a bit behind on this, but better (a little bit) late than never. Last month the SEC’s Office of Compliance, Inspections and Examinations released the first results of its Cybersecurity Examination Initiative, announced...more

Higher Ed Legal Update, March 2015

Colleges and universities across America have recognized that unmanned aerial vehicles (UASs) – also known as drones -- have broad academic applications. Indeed, the Federal Aviation Administration reports that of the 900...more

172 Results
|
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×