The U.S. Department of Commerce’s Bureau of Industry and Security (BIS), issued its much anticipated Final Rule under Executive Order 13873, Securing the Information and Communications Technology and Services Supply Chain (EO...more
12/27/2024
/ Bureau of Industry and Security (BIS) ,
Critical Infrastructure Sectors ,
Cross-Border Transactions ,
Executive Orders ,
Final Rules ,
National Security ,
New Regulations ,
Prohibited Transactions ,
Regulatory Agenda ,
Supply Chain ,
Technology ,
Telecommunications ,
U.S. Commerce Department
U.S. federal agencies, including the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) (in coordination with similar agencies in Australia,...more
12/16/2024
/ Australia ,
Canada ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
FBI ,
FCC ,
National Security ,
National Security Agency (NSA) ,
New Zealand ,
Telecommunications ,
USTelecom
The Biden Administration recently reaffirmed its continued focus on cybersecurity by announcing an Implementation Plan for the National Cybersecurity Strategy (the Plan). The Plan provides a roadmap covering the policies and...more
8/2/2023
/ Biden Administration ,
Cloud Service Providers (CSPs) ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cybersecurity ,
Domain Names ,
Environmental Protection Agency (EPA) ,
Internet of Things ,
National Security ,
Personal Data ,
Reporting Requirements ,
TSA
Following the release of President Biden’s National Cybersecurity Strategy, Acting National Cyber Director Kemba Walden explained that the Biden Administration is “expecting more” from owners and operators in critical...more
3/24/2023
/ Aviation Industry ,
Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Environmental Protection Agency (EPA) ,
Government Entities ,
NIST ,
Private Sector ,
Risk Assessment ,
Risk Management ,
Technology ,
TSA ,
Water
In late January, the Federal Energy Regulatory Commission (FERC) published a final rule directing the North American Electric Reliability Corporation (NERC) to develop and submit modified reliability standards for internal...more
3/8/2023
/ Bulk Electric System ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cybersecurity ,
Electricity ,
Energy Policy ,
FERC ,
Final Rules ,
NERC ,
Regulatory Agenda ,
Risk Management
“Continued disruptions of critical infrastructure and thefts of personal data make clear that market forces alone have not been enough to drive broad adoption of best practices in cybersecurity and resilience.”
National...more
3/3/2023
/ Biden Administration ,
Cloud Service Providers (CSPs) ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Environmental Protection Agency (EPA) ,
Legislative Agendas ,
National Security ,
New Legislation ,
Private Sector ,
Regulatory Authority ,
TSA
Background Critical infrastructure providers confront unique cyber threats. The use of operational technology (OT) introduces risks that arise from, for example, legacy equipment that cannot readily be patched, updated, or...more
2/10/2023
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Federal Railroad Administration ,
Mitigation ,
Owner-Operators ,
Popular ,
Railways ,
Regulatory Authority ,
Regulatory Requirements ,
TSA
President Biden issued an executive order (EO) increasing protections and safeguards for personal data subject to signals intelligence activities. It also establishes a redress mechanism for residents of qualifying states who...more
10/11/2022
/ Biden Administration ,
Court of Justice of the European Union (CJEU) ,
Critical Infrastructure Sectors ,
Cybersecurity ,
EU ,
Executive Orders ,
General Data Protection Regulation (GDPR) ,
National Security ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Surveillance
President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The background and contours of CIRCIA are discussed in a previous update. CIRCIA authorizes and...more
9/13/2022
/ Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Security ,
Joe Biden ,
National Security ,
New Legislation ,
Popular ,
Privacy Laws ,
Proposed Rules ,
Reporting Requirements ,
Rulemaking Process
President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The enactment of CIRCIA follows attacks on critical infrastructure, such as the May 2021...more
4/11/2022
/ Biden Administration ,
Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity Information Sharing Act (CISA) ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Enforcement Actions ,
National Security ,
New Legislation ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
The U.S. government has steadily increased its warnings about malicious cyber activity by Russia and other sophisticated persistent adversaries. Following several warnings from the Federal Bureau of Investigation (FBI) and...more
3/30/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Department of Homeland Security (DHS) ,
Energy Sector ,
FBI ,
Incident Response Plans ,
Popular ,
Risk Management ,
Russia ,
Securities and Exchange Commission (SEC) ,
Technology ,
Threat Management