News & Analysis as of

Cloud Computing Risk Management Cybersecurity

HaystackID

Inside CyberCX’s 2025 DFIR Report: MFA Failures and Espionage Risks Revealed

HaystackID on

The DFIR 2025 Threat Report from CyberCX offers a firsthand view of how cyber adversaries adapted and accelerated their tactics in 2024. Covering incidents across Australia, New Zealand, North America, and Europe, the report...more

Davis Wright Tremaine LLP

FedRAMP 20x Initiative Promises Major Changes for Federal Cloud Service Providers

Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more

Holland & Knight LLP

GSA Announces Overhaul of FedRAMP with Emphasis on Industry Input and Automation

Holland & Knight LLP on

The U.S. General Services Administration (GSA) recently announced plans to develop the Federal Risk and Authorization Management Program (FedRAMP) 20x – a new approach to the government-wide program for the security...more

Morgan Lewis

Data Center Operations: Aligning Supply Chain, Compliance, and Customer Expectations

Morgan Lewis on

The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more

Sheppard Mullin Richter & Hampton LLP

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more

Cozen O'Connor

FedRAMP Update – New Approach(es) to Authorization on the Way

Cozen O'Connor on

On Monday, March 24, 2025, the General Services Administration (GSA) launched FedRAMP 20x, as an effort to automate parts of the program and create collaboration with the industry to improve authorization process for cloud...more

Morrison & Foerster LLP - Government...

FedRAMP 20x: Reformulating the Authorization Process

FedRAMP Director Pete Waterman recently unveiled the “FedRAMP 20x” plan – a proposal designed to reimagine and reformulate the FedRAMP authorization process for federal government use of cloud-based products and services....more

Sheppard Mullin Richter & Hampton LLP

FedRAMP Releases New Draft Authorization Boundary Guidance

Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more

Sheppard Mullin Richter & Hampton LLP

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

Morrison & Foerster LLP - Government...

Biden’s Final Cybersecurity Order Proposes Significant Changes, All to Be Implemented by the Incoming Administration

Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more

Mayer Brown

New EU Cyber Rules (NIS2) Take Effect; Implementing Rules Adopted

Mayer Brown on

On 17 October 2024, the European Commission adopted the first Implementing Regulation under the Network and Information Security 2 Directive (EU) 2022/2555 (NIS2), focusing on digital infrastructures and services. The...more

HaystackID

Critical Vulnerability in NVIDIA Toolkit Threatens Cloud AI Environments

HaystackID on

A critical vulnerability, CVE-2024-0132, has surfaced in NVIDIA’s Container Toolkit, placing a substantial portion of cloud environments at risk. Discovered by researchers at Wiz, the flaw affects both the NVIDIA Container...more

BakerHostetler

FedRAMP Rewritten: OMB Publishes Guidance with FedRAMP’s Updated Vision, Scope and Governance Structure

BakerHostetler on

To dramatically scale up the Modernizing the Federal Risk and Authorization Management Program (FedRAMP) marketplace, the Office of Management and Budget (OMB) has completely rewritten FedRAMP’s vision, scope and governance...more

American Conference Institute (ACI)

[Event] 14th Advanced Forum on Global Encryption, Cloud & Export Controls - May 15th - 16th, San Francisco, CA

Hosted by American Conference Institute, the 14th Advanced Forum on Global Encryption, Cloud & Cyber Export Controls returns for another exciting year with curated programming that brings together a global gathering of...more

Polsinelli

Identifying and Remediating the Critical Apache Log4j Cybersecurity Vulnerability

Polsinelli on

On December 9th, 2021, a critical zero-day vulnerability, which has the potential of providing threat actors access to millions of computers worldwide, was discovered. Due to the critical nature of this vulnerability, and the...more

Robinson+Cole Data Privacy + Security Insider

Update on Apache log4j and Kronos Security Incidents

It was a crazy weekend for cyberattacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that have maximum disruption on...more

Womble Bond Dickinson

Log4Shell Vulnerability Poses Massive Cybersecurity Threat

Womble Bond Dickinson on

A widely reported flaw in popular software known as Log4j poses a severe cybersecurity threat to organizations around the globe, with hundreds of millions of devices at risk. Over the past week, government agencies,...more

Proskauer on Privacy

“Log4Shell” Vulnerability Has Potential to Compromise Millions of Devices

Proskauer on Privacy on

Cybersecurity experts around the world are scrambling to sound the alarm about a newly discovered security vulnerability that could be used by attackers to easily infiltrate computer systems. The vulnerability is found in...more

Society of Corporate Compliance and Ethics...

Chris Ford on Compliance and Cloud Computing

While organizations have increasingly embraced cloud computing as a solution to their data management and other needs, they do so in an environment of heightened risks. Attacks on cloud providers are increasing, which makes...more

The Volkov Law Group

Cyber Incidents Underscore Absence of Real Private Sector Cybersecurity Standards

The Volkov Law Group on

Sometimes it takes a public event to remind corporate risk managers about the importance of effective risk management.  While corporate risk management functions have become yet another “hot” topic or new-fangled response to...more

Robinson+Cole Data Privacy + Security Insider

U.S. Chamber of Commerce and FICO Release Security Guidelines on Telework During COVID-19

It is no secret that companies are experiencing an increase in security incidents following the transition from work in the office to work from home during the pandemic. There are a number of causes, including the difficulty...more

Robinson+Cole Data Privacy + Security Insider

Transitioning from On-Site Audits to Zoom/Teams Audits

Auditors have to continue doing their job of auditing, but with the pandemic, audits now are rarely on-site. Many auditing firms are using remote technology to conduct audits, and companies are either forwarding files...more

White & Case LLP

Working from home – A checklist of the IT risks and exposures

White & Case LLP on

As the COVID-19 disease continues to spread, many countries have implemented nationwide lockdowns and many businesses have mandated employees to work from home. Even with the relaxation of lockdowns in different parts of the...more

Proskauer - New Media & Technology

Work-Outs of Technology and Services Agreements Challenged by COVID-19

In early February 2020, before most of us were truly aware of the implications of COVID-19, a well-respected IT consulting group predicted a $4.3 trillion global spend on information technology in 2020. Drivers of the...more

The Volkov Law Group

Living in the Cloud: Practical Approaches to Cybersecurity Risks (Part III of III)

The Volkov Law Group on

Businesses are increasingly relying on the cloud to store confidential and sensitive information.  One-third of information technology budgets are used for cloud services.  Rapid growth in cloud storage is expected over the...more

34 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide