Last year we made some predictions about 2024’s cyber landscape and major issues. Several proved prescient, with incident reporting, CISO scrutiny, SEC aggression, and new regulation of various sectors taking shape as the...more
1/7/2025
/ Artificial Intelligence ,
Chief Information Security Officer (CISO) ,
China ,
Corporate Counsel ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
DFARS ,
Emerging Technologies ,
FCC ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Intelligence Services ,
Internet of Things ,
Loper Bright Enterprises v Raimondo ,
National Security Agency (NSA) ,
NIST ,
OIG ,
Popular ,
Regulatory Agenda ,
Regulatory Standards ,
SCOTUS ,
TSA ,
Unmanned Aircraft Systems
Despite the coming transition in agency leadership, the FCC’s Internet of Things (IoT) Cybersecurity Labeling Program (the IoT Program) hit some major milestones this month, as the agency pushes ahead with this novel program....more
The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more
4/1/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Preservation ,
Department of Defense (DOD) ,
Department of Energy (DOE) ,
Department of Homeland Security (DHS) ,
Financial Services Industry ,
Food and Drug Administration (FDA) ,
Healthcare ,
ICANN ,
Information Technology ,
NPRM ,
Popular ,
Ransomware ,
Recordkeeping Requirements ,
Securities and Exchange Commission (SEC)
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the Cybersecurity Framework version 2.0 (CSF 2.0). CSF 2.0 is a generational update to NIST’s foundational cybersecurity guidance, which...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
1/3/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Environmental Protection Agency (EPA) ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Federal Trade Commission (FTC) ,
FISA ,
NIST ,
NSTAC ,
NYDFS ,
OMB ,
Popular ,
Ransomware ,
Securities and Exchange Commission (SEC) ,
TSA
As heated debate continues over possible changes to the Foreign Intelligence Surveillance Act (FISA), which is poised to expire later this month, we wanted to provide some perspective on a few practical issues. As former DOJ...more
12/13/2023
/ Cyber Threats ,
Data Collection ,
Department of Justice (DOJ) ,
Electronic Communications ,
Espionage ,
FBI ,
FISA ,
Intellectual Property Protection ,
National Security ,
NDAA ,
Popular ,
Senate Judiciary Committee ,
Surveillance
The Black Cat/ALPHV ransomware group filed a complaint with the U.S. Securities and Exchange Commission (SEC) to allege that one of their victims failed to disclose a cyberattack to the SEC within four days, reports Bleeping...more
On March 2, 2023, the White House Office of the National Cyber Director (ONCD) released the National Cybersecurity Strategy (“Strategy”). The Strategy outlines the Administration’s priorities for cyber regulations and policy....more
For years, federal cyber policy has been based on successful public-private partnerships, collaboration, and the promotion of voluntary standards that can be tailored to sector and organization-specific risk and needs....more
1/16/2023
/ Critical Infrastructure Sectors ,
Customer Proprietary Network Information (CPNI) ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Disclosure Requirements ,
Emerging Technology Companies ,
Federal Trade Commission (FTC) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
NDAA ,
Popular ,
Regulatory Agencies ,
Risk Management ,
Securities and Exchange Commission (SEC)
On August 29, 2022, the Maryland Court of Appeals issued its opinion in Richardson v. Maryland, expanding the protection of the Fourth Amendment for subjects of criminal investigations whose cell phones are subject to a...more
On July 29, 2022, the New York Department of Financial Services (DFS) released Draft Amendments to its Part 500 Cybersecurity Rules. These changes are open for a preliminary public comment until August 18, and then an...more
8/17/2022
/ Chief Information Security Officer (CISO) ,
Covered Entities ,
Cyber Incident Reporting ,
Cybersecurity ,
Financial Institutions ,
Financial Services Industry ,
Multi-Factor Authentication ,
New York ,
Popular ,
Proposed Amendments ,
Securities and Exchange Commission (SEC)
The Federal Communications Commission (FCC) heard from key stakeholders about innovations in Internet security, giving the agency a lot to chew on as it evaluates next steps and its role in the complex Internet ecosystem....more
Late 2021 and early 2022 have been full of federal government activity related to cybersecurity incident reporting. Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 to require mandatory...more
3/21/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Protection ,
Department of Homeland Security (DHS) ,
Popular ,
Securities and Exchange Commission (SEC) ,
TSA
What: Publicly traded companies may soon be subject to additional cybersecurity reporting requirements. On March 9, 2022, the Securities and Exchange Commission (SEC) proposed rules and amendments to enhance and standardize...more
What: On February 23, 2022, the National Security Telecommunications Advisory Committee (NSTAC) approved a final draft of its forthcoming report to the President on Zero Trust and Trusted Identity Management. ...more
2/28/2022
/ Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Executive Orders ,
Multi-Factor Authentication ,
National Security ,
NIST ,
NSTAC ,
OMB ,
Popular ,
Risk Management ,
Telecommunications
What: Cleared Defense Contractors (CDCs) are being actively targeted by Russian state-sponsored cyber activity, according to a Joint Cybersecurity Advisory from the Federal Bureau of Investigation (FBI), National Security...more
2/17/2022
/ Bad Actors ,
Controlled Unclassified Information (CUI) ,
Critical Infrastructure Sectors ,
Cyber Weapons ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Information Sharing Act (CISA) ,
Defense Sector ,
Department of Defense (DOD) ,
FBI ,
Federal Contractors ,
Information Technology ,
Intelligence Services ,
Multi-Factor Authentication ,
NIST ,
Passwords ,
Popular ,
Russia ,
Sensitive Business Information ,
Subcontractors ,
Technology Sector