As cybersecurity threats continue to evolve, the sports industry faces unique challenges in safeguarding its data, athletes, and events. During a recent panel discussion at the Aspen Cyber Summit, Reynold Hoover, CEO of the...more
9/20/2024
/ Arenas and Stadiums ,
Athletes ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Protection ,
Hackers ,
NBA ,
NFL ,
Olympics ,
Sports Betting
So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more
8/15/2024
/ Compliance ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Federal Acquisition Regulations (FAR) ,
FedRAMP ,
General Services Administration (GSA) ,
Government Agencies ,
Information Technology ,
NIST ,
OMB ,
Software
Verizon released its Data Breach Investigations Report (DBIR) for 2024, an annual treat that highlights some trends companies should be aware of as they manage their cybersecurity programs and respond to and anticipate new...more
The proliferation of cybersecurity regulations has the White House and Congress calling for harmonization to streamline regulations, focus on reciprocity, and decrease compliance costs. Senator Gary Peters (D-MI), chair of...more
6/10/2024
/ Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Federal Trade Commission (FTC) ,
Information Technology ,
NDAA ,
NIST ,
OMB ,
Regulatory Agenda
On April 30, 2024 the White House updated the foundational U.S. government policy that defines critical infrastructure (CI) sectors and establishes a coordination structure within the federal government to support owners and...more
These days, cyber regulators are in a hurry. Commentators have observed, the “federal government is quietly directing a seismic shift in the economy” with new mandates. Ann Neuberger, Deputy National Security Advisor for...more
4/2/2024
/ ANSI ,
Cloud Service Providers (CSPs) ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Federal Information Security Modernization Act (FISMA) ,
NIST ,
OSHA ,
Regulatory Agenda
The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more
4/1/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Preservation ,
Department of Defense (DOD) ,
Department of Energy (DOE) ,
Department of Homeland Security (DHS) ,
Financial Services Industry ,
Food and Drug Administration (FDA) ,
Healthcare ,
ICANN ,
Information Technology ,
NPRM ,
Popular ,
Ransomware ,
Recordkeeping Requirements ,
Securities and Exchange Commission (SEC)
On February 28, 2024, the White House released a highly anticipated and far-reaching Executive Order (EO) that directs several new regulatory steps to limit the transfer of sensitive personal data outside of the United States...more
3/4/2024
/ Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
CFIUS ,
Consumer Financial Protection Bureau (CFPB) ,
Cross-Border Transactions ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Executive Orders ,
Mobile Apps ,
Office of Foreign Assets Control (OFAC) ,
Privacy Concerns ,
Secretary of Defense ,
Sensitive Personal Information ,
Smart Devices ,
Telecommunications ,
U.S. Commerce Department
A recent Report to Congress from the Office of Inspector General (OIG) of the Intelligence Community addresses barriers to information sharing that Congress sought to promote in landmark 2015 legislation. This report may have...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
1/3/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Environmental Protection Agency (EPA) ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Federal Trade Commission (FTC) ,
FISA ,
NIST ,
NSTAC ,
NYDFS ,
OMB ,
Popular ,
Ransomware ,
Securities and Exchange Commission (SEC) ,
TSA
The cyber reporting landscape is rapidly shifting. Many agencies are developing rules, and a major player has been the U.S. Securities and Exchange Commission (SEC), with important questions arising about implementation of...more
12/14/2023
/ Corporate Counsel ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
FBI ,
National Security ,
Public Disclosure ,
Public Safety ,
Risk Management ,
Securities and Exchange Commission (SEC)
WHAT: As we previously reported here, on October 3, 2023, the Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021...more
10/12/2023
/ Cloud Computing ,
Controlled Unclassified Information (CUI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
DFARS ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Information Technology ,
Internet of Things ,
Software ,
Subcontractors
Information sharing has seemed like the “holy grail” of federal cyber policy: sought after but elusive, especially to those who think it will solve their problems. At a time of increased regulation and looming mandates for...more
On September 19, 2023, the Department of Homeland Security (DHS) released a Report to Congress (Report) on the Harmonization of Cyber Incident Reporting to the Federal Government. The Report reflects on the 52 in-effect or...more
On April 27, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) issued a Notice of Agency Information Collection Activities to solicit public comments on a...more
As part of the government’s move to “rebalance” responsibilities in cyber, described in the National Cybersecurity Strategy, the United States government on April 13 released a notable document in partnership with several...more
On March 22, 2023, the Federal Trade Commission (FTC or Commission) issued its Solicitation for Public Comments on the Business Practices of Cloud Computing Providers. The FTC is seeking information about the market power and...more
On March 2, 2023, the White House Office of the National Cyber Director (ONCD) released the National Cybersecurity Strategy (“Strategy”). The Strategy outlines the Administration’s priorities for cyber regulations and policy....more
For years, federal cyber policy has been based on successful public-private partnerships, collaboration, and the promotion of voluntary standards that can be tailored to sector and organization-specific risk and needs....more
1/16/2023
/ Critical Infrastructure Sectors ,
Customer Proprietary Network Information (CPNI) ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Disclosure Requirements ,
Emerging Technology Companies ,
Federal Trade Commission (FTC) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
NDAA ,
Popular ,
Regulatory Agencies ,
Risk Management ,
Securities and Exchange Commission (SEC)
On September 29, 2022, the Federal Insurance Office (FIO) of the Department of the Treasury published a Request for Comment (RFC) related to cyber insurance and catastrophic cyber incidents....more
At this week’s #MWC22, cybersecurity has been a major focus. Several panels were dedicated to exploring timely cybersecurity issues, including new and growing threat vectors; innovative industry advancements in cybersecurity;...more
Congress has directed the U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) to create broad new rules for mandatory cyber incident reporting to be imposed on critical...more
On August 11, 2022, the Consumer Financial Protection Bureau (CFPB) published a Circular stating that the failure of financial institutions, including nonbank financial firms such as fintech companies and credit reporting...more
Public comments in an ongoing cybersecurity proceeding at the National Institute of Standards and Technology (NIST) highlight the utility of a foundational cybersecurity document while also providing suggestions for its...more
In March 2022, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) requiring critical infrastructure to report significant cyber incidents and ransomware payments to the Cybersecurity...more