Nathan Salminen

Nathan Salminen

Hogan Lovells

Contact

Readers' Choice Awards

Cybersecurity
View Bio
RSS

Latest Posts › Risk Management

Share:

NIST finalizes cybersecurity incident response framework profile aligned with CSF 2.0

On April 3, NIST published practical incident response guidance aligned with its CSF 2.0 framework. The guidance outlines best practices in security incident preparation and response for organizations mapped across each of...more

4/15/2025  /  Best Practices , Cyber Attacks , Cybersecurity , New Guidance , NIST , Policies and Procedures , Risk Assessment , Risk Management

CISA reevaluating its critical infrastructure public-private partnership

Earlier this month, Secretary of the Department of Homeland Security (DHS) Kristi Noem announced plans to disband the Critical Infrastructure Partnership Advisory Council (CIPAC).  First created in 2006, CIPAC is a...more

4/8/2025  /  Critical Infrastructure Sectors , Cybersecurity , Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) , Information Sharing , New Regulations , Proposed Legislation , Public Private Partnerships (P3s) , Regulatory Reform , Risk Management

Confronting social engineering in the age of artificial intelligence

AI-enabled technology enhances threat actors’ ability to engage in advanced and difficult-to-detect forms of social engineering to deceive employees and circumvent companies’ security controls. Companies may consider new...more

2/20/2025  /  Artificial Intelligence , Cyber Attacks , Cybersecurity , Data Security , Deep Fake , Phishing Scams , Risk Management , Social Engineering , Training

Security Snippets: CISA publishes sector-specific cyber performance goals for IT and product design

The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector. Last week, the Cybersecurity and...more

1/20/2025  /  Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Data Protection , Data Security , Incident Response Plans , Information Technology , Risk Management , Software , Supply Chain , Technology Sector

Cybersecurity researchers discover “Bad Likert Judge,” a new AI jailbreaking technique

The “Bad Likert Judge” jailbreaking technique boasts a high attack success rate by using a three-step approach which employs the target LLM’s own understanding of harmful content to bypass the target LLM’s safety guardrails....more

1/16/2025  /  Artificial Intelligence , Cyber Attacks , Cyber Threats , Cybersecurity , Machine Learning , Popular , Risk Management , Vulnerability Assessments

TSA rule would require cyber risk management for railroads, buses, and pipeline operators

On November 6, 2024, the Transportation Security Administration (TSA) published a Notice of Proposed Rulemaking (NPRM) that would mandate cyber risk management and reporting requirements for certain surface transportation...more

12/10/2024  /  Comment Period , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Oil & Gas , Pipelines , Proposed Rules , Railroads , Risk Management , Surface Transportation , Transportation Security Administration

NIST refines Cybersecurity Security Framework, with increased focus on governance and supply chain

NIST has updated its widely used Cybersecurity Framework to provide key updates and practical resources for organizations to manage and discuss cybersecurity risk. The updated framework, which remains voluntary, is designed...more

3/14/2024  /  Cybersecurity , Cybersecurity Framework , NIST , Popular , Risk Management , Supply Chain

Executive order on AI issued by California’s governor signals continued focus on GenAI

Yesterday, California Governor Gavin Newsom issued an executive order regarding generative artificial intelligence (“GenAI”). The order states that California has established itself as the world leader in GenAI innovation...more

9/7/2023  /  Artificial Intelligence , California , Cybersecurity , Executive Orders , Public Procurement Policies , Risk Management

Employers Take Notice: Increased Cybersecurity Threats Amid Coronavirus Precautions

On March 11, the Word Health Organization officially characterized the coronavirus (COVID-19) outbreak as a pandemic. During the outbreak, many employers around the world are seeking to prioritize the well-being and safety of...more

3/16/2020  /  Business Continuity Plans , Business Interruption , China , Coronavirus/COVID-19 , Crisis Management , Cybersecurity , Data Protection , Emergency Management Plans , Infectious Diseases , Information Security , Malware , Policies and Procedures , Popular , Public Health , Risk Management

The UK Cyber Essentials Requirements for IT Infrastructure provides a window into GDPR expectations for data security requirements

The EU’s General Data Protection Regulation (GDPR), which went into effect in May 2018, requires companies to implement appropriate security measures when handling personal data....more

9/12/2018  /  Bring Your Own Device (BYOD) , Critical Infrastructure Sectors , Cybersecurity , Data Protection , Electronic Data Transmissions , EU , General Data Protection Regulation (GDPR) , Information Commissioner's Office (ICO) , Information Technology , Mobile Device Management , PaaS , Personal Data , Popular , Risk Management , SaaS , Security Risk Assessments , UK
10 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide