Late 2021 and early 2022 have been full of federal government activity related to cybersecurity incident reporting. Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 to require mandatory...more
3/21/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Protection ,
Department of Homeland Security (DHS) ,
Popular ,
Securities and Exchange Commission (SEC) ,
TSA
What: Publicly traded companies may soon be subject to additional cybersecurity reporting requirements. On March 9, 2022, the Securities and Exchange Commission (SEC) proposed rules and amendments to enhance and standardize...more
What: On February 23, 2022, the National Security Telecommunications Advisory Committee (NSTAC) approved a final draft of its forthcoming report to the President on Zero Trust and Trusted Identity Management. ...more
2/28/2022
/ Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Executive Orders ,
Multi-Factor Authentication ,
National Security ,
NIST ,
NSTAC ,
OMB ,
Popular ,
Risk Management ,
Telecommunications
What: Cleared Defense Contractors (CDCs) are being actively targeted by Russian state-sponsored cyber activity, according to a Joint Cybersecurity Advisory from the Federal Bureau of Investigation (FBI), National Security...more
2/17/2022
/ Bad Actors ,
Controlled Unclassified Information (CUI) ,
Critical Infrastructure Sectors ,
Cyber Weapons ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Information Sharing Act (CISA) ,
Defense Sector ,
Department of Defense (DOD) ,
FBI ,
Federal Contractors ,
Information Technology ,
Intelligence Services ,
Multi-Factor Authentication ,
NIST ,
Passwords ,
Popular ,
Russia ,
Sensitive Business Information ,
Subcontractors ,
Technology Sector
In the next podcast episode of Wiley’s 2022 Privacy & Cyber Series, Wiley partner Megan Brown and special counsel Lyn Brown, who recently joined Wiley from the FBI, discuss ransomware, geopolitical tensions, and the race to...more
Federal agencies have been actively looking at cyber threats to critical infrastructure. In a January 27 announcement the White House said: “it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the...more
1/28/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Environmental Protection Agency (EPA) ,
Information Technology ,
Joe Biden ,
NDAA ,
Pipelines ,
Popular ,
Railways ,
Ransomware ,
Wastewater ,
Water ,
Wiretap Act
In the inaugural episode of Wiley’s 2022 Privacy & Cyber Series, Wiley partner Megan Brown and special counsel Lyn Brown, who recently joined Wiley from the FBI, discuss cyber trends that picked up speed in 2021 and offer...more
What: The Transportation Security Administration (TSA) has issued two Security Directives aimed at passenger and freight railroad cybersecurity, continuing the government’s move to an increasingly regulatory approach to...more
12/6/2021
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Enforcement Actions ,
Espionage ,
National Security ,
NIST ,
Owner-Operators ,
Popular ,
Railroads ,
Risk Assessment ,
Transportation Security Administration ,
TSA ,
Unauthorized Access
What: On November 16, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released Federal Government Cybersecurity Incident and Vulnerability Playbooks as part of the Biden Administration’s efforts to improve...more
11/18/2021
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Popular ,
Private Sector ,
Technology Sector
The Cybersecurity and Infrastructure Security Agency (CISA) issued a sweeping binding directive to federal agencies to patch hundreds of cybersecurity vulnerabilities that are considered major risks for cyber actors to cause...more
11/9/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Hackers ,
National Security ,
Popular ,
Private Sector ,
Technology Sector
WHAT: On November 4, 2021, the U.S. Department of Defense (DOD) announced the completion of a months-long internal review and significant changes to the strategic direction of its Cybersecurity Maturity Model Certification...more
11/8/2021
/ Controlled Unclassified Information (CUI) ,
Corporate Counsel ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
NIST ,
Popular
Please join us in a discussion on the importance of M&A due diligence, where we will cover:
- Cybersecurity and ransomware;
- Corporate M&A activity;
- Bureau of Industry and Security (BIS), export controls, and...more
10/19/2021
/ Acquisitions ,
Bureau of Industry and Security (BIS) ,
CFIUS ,
Continuing Legal Education ,
Cybersecurity ,
Due Diligence ,
Export Controls ,
FOCI ,
Foreign Investment ,
Foreign Ownership ,
Mergers ,
National Security ,
Ransomware ,
Webinars
On September 22, 2021, the California Privacy Protection Agency (CPPA or Agency)—the new agency established by the California Privacy Rights and Enforcement Act (CPRA)—released an Invitation for Preliminary Comments on...more
On September 20, 2021, the U.S. Department of Commerce's (DOC) Bureau of Industry and Security (BIS) published a Notice of Request for Public Comments (RFC) on Risks in the Information Communications Technology (ICT) Supply...more
WHAT: On August 26, 2021, the Federal Acquisition Security Council (FASC) issued its final rule to implement the 2018 Federal Acquisition Supply Chain Security Act. See 86 Fed. Reg. 47582 (Aug. 26, 2021). The FASC made minor...more
On May 12, the Biden Administration issued an Executive Order (EO) setting in motion an ambitious plan to rapidly strengthen the cybersecurity posture of the Federal government and its contractors, service providers, and...more
There is a growing clamor in Congress and the Executive Branch to do something after the Colonial Pipeline incident and other high-profile cyber-attacks. Rushing to impose broad new obligations is perilous. Policymakers...more
President Biden’s recent issuance of the highly anticipated Executive Order on Improving the Nation’s Cybersecurity (EO or Order), in the midst of high-profile cyber-attacks on the Nation, brought new challenges to...more
In the last few years, thousands of businesses, hospitals, school districts, local governments, and other entities have fallen victim to ransomware. Several government and quasi-government groups are looking to take action....more
On May 12, 2021, President Biden issued the long-expected Executive Order on Improving the Nation’s Cybersecurity (“EO” or “Order”). The EO comes amidst a series of high-profile cyber-attacks on the Nation and its critical...more
5/13/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cyber Crimes ,
Cybersecurity ,
Executive Orders ,
Federal Contractors ,
Information Technology ,
National Security ,
Private Sector ,
Reporting Requirements ,
Supply Chain
Utah has become the second state to establish a legal safe harbor for private-sector entities that follow certain cybersecurity best practices. On March 11, 2021, Utah’s Governor Spencer Cox signed into law the Cybersecurity...more
The U.S. Department of Homeland Security (DHS) has been central in federal cybersecurity policy for years, as an important non-regulatory body that convenes the private sector, works across agencies, and protects information...more
The old saying goes, personnel is policy. This may be particularly true at this point in federal cybersecurity policy, where multiple agencies and Congressional committees play changing roles, including expanding capacities...more
In this episode of Wiley Connected, Megan Brown talks with Melissa Vice, the Chief Operations Officer for DoD’s Vulnerability Disclosure Program (VDP) about trends and DoD cyber, including a new Pilot Program for the Defense...more
This month, the Government Accountability Office (GAO) published a report assessing the Department of Defense’s (DOD) approach to identifying and securing critical technologies. While DOD has been operating programs to...more