Latest Publications

Share:

DOJ Issues New Policy on CFAA Prosecutions

Today, the Department of Justice (“DOJ”) updated its policy regarding charging violations under the Computer Fraud and Abuse Act (“CFAA”).  This is the first update to the DOJ’s policy since 2014, and it is effective...more

US, UK, and Australia Issue Joint Cybersecurity Advisory on Ransomware Threat to Critical Infrastructure

On February 9, 2022 the United States, United Kingdom, and Australia issued a joint Cybersecurity Advisory on the “Increased Globalized Threat of Ransomware” against critical infrastructure sectors (“Advisory”).  The Advisory...more

The Log4j Vulnerability: What This Critical Vulnerability Means for Your Enterprise

As companies scramble to address the newly exploited, ubiquitous Log4j vulnerability, companies’ actions are now the potential source for government scrutiny. Our Privacy, Cyber & Data Security Team summarizes what the Log4j...more

FTC Releases Warning to Companies that Fail to Mitigate Log4j Vulnerability

Less than a month ago, a critical vulnerability was identified in the ubiquitous, open source Log4j tool prompting swift guidance from Cybersecurity and Infrastructure Security Agency (CISA) and other security practitioners. ...more

CISA Issues Statement on Log4j Critical Vulnerability

Log4j is a java-based tool from Apache’s open source library used for parsing logs that never seems to have made headlines before this past weekend.  Now, following the December 9th public announcement of a vulnerability in...more

Department of Defense Suspends the CMMC Pilot Program And CMMC Requirements In DoD Solicitations Pending Major Changes For CMMC...

The Department of Defense (“DoD”) recently announced it will be revamping the nascent Cybersecurity Maturity Model Certification (“CMMC”) program pending two separate rulemaking processes.  As detailed below, the DoD will be...more

New Civil Cyber-Fraud Initiative Signals Increased Litigation Risk Arising from Cybersecurity Practices

Our Privacy, Cyber & Data Strategy and White Collar, Government & Internal Investigations teams answer the questions government contractors will have about how to evaluate the False Claims Act risks signaled by the Department...more

Department of Justice Announces New Civil Fraud Cybersecurity Enforcement Team

On October 6, 2021, Deputy Attorney General Lisa O. Monaco announced the launch of the Department of Justice’s Civil Cyber-Fraud Initiative. The Department plans to use civil enforcement tools to “pursue…those who are...more

Biden Administration To Issue Cybersecurity “Performance Goals” For Critical Infrastructure

Yesterday, the Biden Administration issued a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems (“Memorandum”).  A short summary is below.  However, the primary take away is...more

U.S. and Allies Formally Accuse China of Microsoft Hack and Cyberespionage

On July 19, 2021, the Biden administration, along with a group of allies publicly accused the Chinese government of malicious cyber activities and irresponsible state behavior.  The joint announcement states the U.S....more

Department of Defense’s CMMC: Where Is It Now?

Our Privacy, Cyber & Data Strategy Team updates the slow progress of the Cybersecurity Maturity Model Certification and the slower progress of clearing assessment organizations that can actually certify contractors....more

The Supreme Court Narrows The Scope of The Computer Fraud and Abuse Act

Today, the Supreme Court issued a long-awaited decision in Van Buren v. United States interpreting the meaning of “exceeds authorized access” under the Computer Fraud and Abuse Act (“CFAA”)....more

Executive Order Details Cybersecurity Changes For Public And Private Sector

In a lengthy Executive Order issued on May 12, 2021 (the “Order”), the Biden Administration has taken steps “to make bold changes and significant investments” in both public and private sector cybersecurity “in order to...more

Russia Sanctioned For Role In SolarWinds Supply Chain Attack

On April 15, 2021, the Biden Administration took a significant step in announcing sanctions against the Russian Government and private Russian entities for multiple internationally-destabilizing activities, including the...more

Potential Solutions for Maintaining Attorney-Client Privilege and Work Product Protections over Forensic Reports in Light of...

Our Privacy, Cyber & Data Strategy Team delves into how a federal court decided that a data breach forensic report was discoverable despite efforts to protect it under attorney-client privilege and work product protections...more

Fifth Circuit Decision Raises Cyber Enforcement Complications for the U.S. Department of Health and Human Services

As the Biden administration begins detailing its regulatory and enforcement priorities, it faces a new challenge on the health data privacy and security front. In University of Texas M.D. Anderson Cancer Center v. United...more

Federal Court Rules Cyber Forensic Report Is Not Protected Under Attorney-Client Privilege Or Work Product Doctrine

On January 12, 2021, Judge Boasberg (D.D.C.) ruled that a forensic report prepared for outside counsel following a cyber incident investigation was not protected under either attorney-client privilege or the work product...more

Six Practical Tips for Practicing Cyberhygiene in the Middle of a Global Pandemic

Businesses are facing long-term cybersecurity challenges as COVID-19 cases spike and remote work environments need to remain operational, scalable, and capable of flexing with cycles of coronavirus resurgence. Our...more

The FTC Expands its FCRA Enforcement Activity In Action Against Retailer

Most businesses are already familiar with the Fair Credit Reporting Act (“FCRA”) and the various requirements to protect the fairness, accuracy, and privacy of consumer credit information. However, a recent FTC enforcement...more

Proposed Federal Privacy Legislation Tackles COVID-19 Data

Data collection and analysis is becoming a key weapon in the fight against COVID-19 both here in the United States and around the globe.  But as governments and tech companies roll out a variety of applications and contact...more

COVID-19 Is Not A Free Pass For Privacy And Security Compliance

In the wake of stay-at-home orders stemming from the COVID-19 pandemic, companies have rushed to provide work-from-home options for many, if not all, of their employees. As exigency fades into the new normal, however, the...more

BREAKING: Location and Mobile Data in the Fight against COVID-19 – An Overview of U.S. and Global Efforts

Governments are increasingly seeking to leverage consumer geolocation and other mobile device data to assist with fighting the spread of COVID-19, as cases continue to mount globally. Location data can be of significant...more

COVID-19 and HIPAA: Privacy, Security, and Breach Response During a Global Pandemic

There’s more than a virus in the air – there’s malware and spyware too. Our Health Care and Cybersecurity Preparedness & Response Groups team up to list proactive steps HIPAA covered entities and business associates can take...more

DOJ Releases Guidance On Gathering Threat Intel From The Dark Web

The Cybersecurity Unit (“CsU”) of the Computer Crime and Intellectual Property Section of the Criminal Division of the United States Department of Justice (“CCIPS”) has released its guidance on “Legal Considerations when...more

24 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide