The federal government continues to put pressure on cloud service providers. On March 22, 2023, the Federal Trade Commission (FTC) issued a Request for Information (RFI) seeking public input on the market power and business...more
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the formation of a new program aimed at identifying and preventing ransomware attacks. The initiative is known as the Ransomware Vulnerability Warning...more
Since its inception in 2011, the Federal Risk and Authorization Management Program (FedRAMP) has sought to facilitate adoption of secure cloud computing services by federal government agencies. A newly enacted law, the...more
The Transportation Security Administration (TSA) published an Advance Notice of Proposed Rulemaking (ANPRM) on November 30, 2022, seeking stakeholder comment on ways to strengthen cybersecurity and resiliency for pipeline and...more
The federal Cybersecurity & Infrastructure Security Agency (CISA) has issued a request for information (RFI) seeking public input on its development of cyber incident and ransom payment reporting rules under the Cyber...more
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), signed into law by President Biden in March 2022 as part of the Consolidated Appropriations Act of 2022, will require companies operating in...more
Since first announced in December 2021, the critical Log4j vulnerability has stolen the attention of many cybersecurity professionals. The Federal Trade Commission (FTC) has taken notice too....more
On September 21, 2021, the U.S. Department of the Treasury announced two major actions by the Office of Foreign Asset Control (OFAC) to combat ransomware: the release of OFAC's Updated Advisory on Potential Sanctions Risks...more
Earlier this week, the White House announced that the Office of Management and Budget (OMB) has released a draft of the Federal Zero Trust Strategy—a plan for moving federal civilian executive branch (FCEB) agencies toward...more
On Wednesday, the White House released a widely anticipated Executive Order on Improving the Nation’s Cybersecurity (EO). The EO addresses four major areas of cybersecurity maturity for the federal government and its private...more