INTRODUCTION...
On January 16, 2025, President Biden issued an Executive Order (EO) on Strengthening and Promoting Innovation in the Nation’s Cybersecurity, to further address increasing threats from nation-state actors...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
11/4/2024
/ Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Security ,
Disclosure Requirements ,
Government Agencies ,
Incident Response Plans ,
National Security ,
Regulatory Agenda ,
Regulatory Oversight ,
Reporting Requirements ,
Risk Assessment ,
Risk Management ,
Securities and Exchange Commission (SEC)
On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.
The deviation relates to contractors’ compliance with...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
4/1/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Preservation ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
NPRM ,
Proposed Rules ,
Ransomware ,
Regulatory Agenda
Background and Summary -
Table On July 26, 2023, the U.S. Securities and Exchange Commission (the “SEC”) issued a release (the “Adopting Release”), adopting final rules (the “Final Rules”) aimed at standardizing and...more
On March 9, 2023, the Securities and Exchange Commission (“SEC”) announced that Blackbaud Inc. (“Blackbaud”) agreed to pay $3 million to settle charges for alleged misleading disclosures about its 2020 ransomware attack and...more
With high-profile cybersecurity incidents hitting the headlines, President Biden’s recent cybersecurity executive order seeks to strengthen security practices at federal agencies and government contractors. But what does the...more
12/28/2021
/ Biden Administration ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Executive Orders ,
Popular ,
Private Sector ,
Ransomware ,
Risk Management
On July 28, 2021, President Biden signed a national security memorandum that seeks to “significantly improve” the cybersecurity of critical infrastructure systems....more
In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive (the “TSA Directive”) to...more
6/2/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Energy Policy ,
Hackers ,
National Security ,
Oil & Gas ,
Pipelines ,
Ransomware ,
Supply Chain ,
TSA