Jacqueline Brown

Jacqueline Brown

Wiley Rein LLP

Contact
View Bio
RSS

Latest Posts › Cybersecurity

Share:

Update: DOJ and CISA Issue New National Security Program to Regulate Foreign Access to Sensitive Data

On January 8, 2025, the U.S. Department of Justice (Department or DOJ) issued new rules required by then-President Biden’s February 2024 Executive Order (EO) 14117 to establish a new regulatory framework aimed at “Preventing...more

4/4/2025  /  Biometric Information , China , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Data Privacy , Department of Justice (DOJ) , Disclosure Requirements , Executive Orders , Final Rules , National Security , New Regulations , Popular , Reporting Requirements , Sensitive Personal Information

Trump EO on Preparedness and Resilience Could Signal Major Shifts in Federal Role

On March 19, 2025, the White House released Executive Order (EO) 14239, Achieving Efficiency Through State and Local Preparedness, which calls for a comprehensive review of and changes to many long-standing federal...more

3/26/2025  /  Critical Infrastructure Sectors , Cybersecurity , Executive Orders , Infrastructure , National Security , Regulatory Agenda , Regulatory Reform , Risk Management , State and Local Government , Trump Administration

CISA 2015 Reauthorization – Are Changes on the Horizon?

As we noted in Federal Cybersecurity Policy in 2025: What to Watch in Changing Times, key parts of the Cybersecurity Information Sharing Act of 2015 (CISA 2015), the United States’ foundational cybersecurity information...more

3/4/2025  /  Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Data Protection , Government Agencies , Liability , National Security , Regulatory Agenda , Regulatory Requirements , Risk Management

Continued Remote Hiring Concerns in IT Sector: What to Look for in 2025 and How to Mitigate Business Risk

Remote worker fraud is expected to continue to proliferate in 2025. Fully remote hiring and work, particularly in the technology sector, continues to pose unique business and legal risks for companies. Just in December 2024,...more

1/10/2025  /  Artificial Intelligence , Cybersecurity , Data Privacy , Data Protection , Data Security , Employer Liability Issues , Foreign Nationals , Foreign Workers , Fraud , Fraud Prevention , Hiring & Firing , Identity Theft , Information Technology , Malware , North Korea , NYDFS , Popular , Remote Working , Risk Management , Social Media , Technology Sector

Federal Cybersecurity Policy in 2025: What to Watch in Changing Times

Last year we made some predictions about 2024’s cyber landscape and major issues. Several proved prescient, with incident reporting, CISO scrutiny, SEC aggression, and new regulation of various sectors taking shape as the...more

1/7/2025  /  Artificial Intelligence , Chief Information Security Officer (CISO) , China , Corporate Counsel , Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Cybersecurity Maturity Model Certification (CMMC) , Department of Defense (DOD) , Department of Homeland Security (DHS) , Department of Justice (DOJ) , DFARS , Emerging Technologies , FCC , Federal Acquisition Regulations (FAR) , Federal Contractors , Intelligence Services , Internet of Things , Loper Bright Enterprises v Raimondo , National Security Agency (NSA) , NIST , OIG , Popular , Regulatory Agenda , Regulatory Standards , SCOTUS , TSA , Unmanned Aircraft Systems

DOJ and CISA Propose New National Security Program to Regulate Foreign Access to Sensitive Data

On October 21, 2024, the U.S. Department of Justice (Department or DOJ) and the U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued proposals – required by the...more

10/24/2024  /  Biden Administration , Biometric Information , CFIUS , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Department of Homeland Security (DHS) , Department of Justice (DOJ) , Exempt Transactions , Foreign Entities , International Emergency Economic Powers Act (IEEPA) , National Security , NPRM , Prohibited Transactions , Recordkeeping Requirements , Reporting Requirements , Restricted Transactions , Sensitive Personal Information

[Webinar] Best Practices in Cyber Preparedness - October 23rd, 12:00 pm - 1:00 pm EDT

We invite you to join us for an insightful webinar on Best Practices in Cyber Preparedness for Government Contractors and Critical Infrastructure Operators on Wednesday, October 23, 2024, from 12:00 p.m. – 1:00 p.m. EDT....more

10/10/2024  /  Best Practices , Continuing Legal Education , Critical Infrastructure Sectors , Cyber Attacks , Cyber Threats , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Federal Contractors , Incident Response Plans , Regulatory Requirements , Risk Mitigation , Webinars

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

8/16/2024  /  Controlled Unclassified Information (CUI) , Corporate Counsel , Cyber Incident Reporting , Cybersecurity , Cybersecurity Maturity Model Certification (CMMC) , Department of Defense (DOD) , DFARS , Federal Acquisition Regulations (FAR) , Federal Contractors , NIST , Proposed Rules , Reporting Requirements

How Bad Is It Out There? Our Thoughts on Verizon’s 2024 Data Breach Investigations Report (DBIR)

Verizon released its Data Breach Investigations Report (DBIR) for 2024, an annual treat that highlights some trends companies should be aware of as they manage their cybersecurity programs and respond to and anticipate new...more

7/15/2024  /  Annual Reports , Artificial Intelligence , Cyber Attacks , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Data Breach , Ransomware , Risk Assessment , Risk Management , Verizon

Cyber Update: SEC Issues New Guidance on Cybersecurity Incident Disclosure

On June 24, 2024, the U.S. Securities and Exchange Commission (SEC) Division of Corporation Finance (Corp Fin) added to its Compliance and Disclosure Interpretations (C&DI) related to disclosure of Material Cybersecurity...more

6/27/2024  /  Compliance , Cyber Attacks , Cyber Incident Reporting , Cyber Insurance , Cybersecurity , Disclosure , Form 8-K , Ransomware , Securities and Exchange Commission (SEC)

Calls for Cybersecurity Regulatory Harmonization Ramp Up in Congress, White House

The proliferation of cybersecurity regulations has the White House and Congress calling for harmonization to streamline regulations, focus on reciprocity, and decrease compliance costs. Senator Gary Peters (D-MI), chair of...more

6/10/2024  /  Cyber Incident Reporting , Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Department of Homeland Security (DHS) , Federal Trade Commission (FTC) , Information Technology , NDAA , NIST , OMB , Regulatory Agenda

CYBER UPDATE: White House Seeks Regulatory Harmonization While Exploring a Pilot for Reciprocity Amid Proliferation of Regulations

Companies, particularly those in “critical infrastructure” sectors, have seen a dramatic increase in cybersecurity regulatory requirements in just the past few years – and the White House is looking to move faster. At the...more

6/6/2024  /  Critical Infrastructure Sectors , Cybersecurity , Cybersecurity Framework , Harmonization Rules , Information Technology , National Security , NIST , Request For Information , Supply Chain

Darned if You Do, Darned if You Don’t: Recent Lessons from the SEC On Cyber Reporting

The Security and Exchange Commission (SEC) Director of the Division of Corporate Finance, Erik Gerding, released a statement on May 21, 2024 that may have regulated entities scratching their heads about compliance and the...more

5/24/2024  /  Corporate Counsel , Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Disclosure Requirements , Form 8-K , Reporting Requirements , Risk Management , Securities and Exchange Commission (SEC)

New White House Policy Previews Increased Cybersecurity Oversight and Regulation

On April 30, 2024 the White House updated the foundational U.S. government policy that defines critical infrastructure (CI) sectors and establishes a coordination structure within the federal government to support owners and...more

5/3/2024  /  Critical Infrastructure Sectors , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , FCC , General Services Administration (GSA) , Information Technology , National Security , NIST , Risk Management

CISA’s Proposed Cyber Incident Reporting Requirements Would Hit a Range of Industries and Sectors

The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more

4/1/2024  /  Critical Infrastructure Sectors , Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Data Preservation , Department of Defense (DOD) , Department of Energy (DOE) , Department of Homeland Security (DHS) , Financial Services Industry , Food and Drug Administration (FDA) , Healthcare , ICANN , Information Technology , NPRM , Popular , Ransomware , Recordkeeping Requirements , Securities and Exchange Commission (SEC)

DOJ Kicks Off Work to Regulate Foreign Access to Sensitive Personal Data Under New EO

On March 5, 2024, the Department of Justice (DOJ) issued an Advance Notice of Proposed Rulemaking (ANPRM) regarding Access to Americans’ Bulk Sensitive Personal Data and Government-Related Data by Countries of Concern. The...more

3/14/2024  /  Advanced Notice of Proposed Rulemaking (ANPRM) , Artificial Intelligence , Big Data , Cross-Border , Customer Proprietary Network Information (CPNI) , Cyber Attacks , Cyber Crimes , Cybersecurity , Cybersecurity Framework , Data Transfers , Department of Justice (DOJ) , Executive Orders , Military Service Members , National Security , Popular , Sensitive Personal Information , USTR , WTO

NIST Cybersecurity Framework 2.0 Reveals Major Shifts in Federal Guidance

On February 26, 2024, the National Institute of Standards and Technology (NIST) released the Cybersecurity Framework version 2.0 (CSF 2.0). CSF 2.0 is a generational update to NIST’s foundational cybersecurity guidance, which...more

3/7/2024  /  Cybersecurity , Cybersecurity Framework , FCC , Government Agencies , Information Governance , NIST , Popular , Risk Management , Supply Chain

Cybersecurity in 2024: Ten Top Issues to Consider

As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more

1/3/2024  /  Critical Infrastructure Sectors , Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Data Breach , Department of Homeland Security (DHS) , Department of Justice (DOJ) , Disclosure Requirements , Environmental Protection Agency (EPA) , Executive Orders , FBI , Federal Acquisition Regulations (FAR) , Federal Trade Commission (FTC) , FISA , NIST , NSTAC , NYDFS , OMB , Popular , Ransomware , Securities and Exchange Commission (SEC) , TSA

SEC Breach Reporting Rules Effective as of December 18

For most filers, the U.S. Securities and Exchange Commission’s (SEC) new Form 8-K rules for reporting material cybersecurity incidents took effect yesterday, December 18, 2023. The rule has been controversial and created some...more

12/20/2023  /  Cybersecurity , Data Breach , Department of Justice (DOJ) , Form 8-K , National Security , Reporting Requirements , Securities and Exchange Commission (SEC)

Cyber Incident Reporting Guidance: DOJ Explains How It Will Determine if a Public Disclosure Poses Substantial National Security...

The cyber reporting landscape is rapidly shifting. Many agencies are developing rules, and a major player has been the U.S. Securities and Exchange Commission (SEC), with important questions arising about implementation of...more

12/14/2023  /  Corporate Counsel , Cyber Incident Reporting , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Department of Justice (DOJ) , Disclosure Requirements , FBI , National Security , Public Disclosure , Public Safety , Risk Management , Securities and Exchange Commission (SEC)

SEC Cyber Reporting Mandates: How to Request a National Security or Public Safety Delay

On December 18, the Securities and Exchange Commission's (SEC) new disclosure requirements go into effect and will require public companies to publicly report material cybersecurity incidents within four days of making a...more

12/12/2023  /  Cyber Incident Reporting , Cybersecurity , Department of Justice (DOJ) , Disclosure Requirements , FBI , Governance Standards , National Security , Public Safety , Publicly-Traded Companies , Reporting Requirements , Securities and Exchange Commission (SEC)

Ransomware Attacker Files SEC Complaint to Increase Pressure on Victim

The Black Cat/ALPHV ransomware group filed a complaint with the U.S. Securities and Exchange Commission (SEC) to allege that one of their victims failed to disclose a cyberattack to the SEC within four days, reports Bleeping...more

11/20/2023  /  Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Data Breach , Disclosure Requirements , Exploitation , Popular , Ransomware , Securities and Exchange Commission (SEC)

GAO Calls for Better Info-Sharing by ONCD and CISA After Cyberattacks; May be Inconsistent with New Mandates

Information sharing has seemed like the “holy grail” of federal cyber policy: sought after but elusive, especially to those who think it will solve their problems. At a time of increased regulation and looming mandates for...more

10/5/2023  /  Cyber Attacks , Cyber Incident Reporting , Cyber Threats , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Department of Homeland Security (DHS) , GAO , Information Sharing , Regulatory Mandates , Risk Assessment

How to Fix the Cyber Incident Reporting Mess--DHS Weighs In [Audio]

Wiley’s cyber team talks about cyber incident reporting after a new report from DHS advising Congress on duplication of reporting regimes. With over 50 reporting requirements spread over 20 agencies, federal agencies and the...more

10/3/2023  /  Cyber Incident Reporting , Cybersecurity , Department of Homeland Security (DHS) , Disclosure Requirements , Federal Contractors

Biden Administration Looks at Harmonizing Cyber Regulations Amidst Flurry of New Activity

Cybersecurity continues to be top of mind for federal and state policymakers. This advisory identifies and analyzes some major recent developments that present opportunities and challenges in the coming months for a broad...more

8/4/2023  /  Biden Administration , Cyber Incident Reporting , Cybersecurity , Cybersecurity Maturity Model Certification (CMMC) , Data Breach , Department of Defense (DOD) , Disclosure Requirements , FCC , Federal Agency Taskforce , Oil & Gas , OIRA , Pipelines , Risk Management , Securities and Exchange Commission (SEC) , TSA
47 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide