DHS and Cyber: What Should Companies Expect?
In a Press Release issued April 11, 2025, the U.S. Department of Justice (“DOJ”) indicated that it would prioritize “facilitating compliance” over civil enforcement actions for the first 90 days of its new US-China data...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
In light of recent reports of cyberattacks on telecommunications companies, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a series of reports and statements recommending secure communications,...more
President Joe Biden issued Executive Order (EO) 14117 in February 2024 to mitigate national security risks posed by threat countries’ access to sensitive personal data and government-related data. The EO directed the U.S....more
A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
April 2024 On April 4, 2024, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) published a 447-page Notice of Proposed Rulemaking (“Proposed Rules”) in accordance with the...more
Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more
On February 28, 2024, President Biden issued Executive Order 14117 on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (the EO). The EO empowers...more
On May 23, 2023, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware...more
On February 7, 2023, the Department of Justice (DOJ) announced that settlements and judgments under the False Claims Act exceeded $2.2 billion during the 2022 fiscal year and that the government posted its second-highest...more
General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more
FDIC Directs Banks to Provide Notice Before Engaging in Crypto-related Activities According to guidance recently issued by the FDIC, banks that it supervises and that intend to engage in, or are already engaged in, activities...more
President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The enactment of CIRCIA follows attacks on critical infrastructure, such as the May 2021...more
This is the seventh post in this year’s series examining important trends in white collar law and investigations. Our previous post discussed SEC Enforcement in 2022: A Look Ahead. Up next: ESG and the SEC: What’s Next on the...more
Best Practices for the Virginia Consumer Data Protection Act - The Virginia Consumer Data Protection Act (VCDA) Working Group of the Joint Commission on Technology and Science released its final report on best practices...more
What: The Transportation Security Administration (TSA) has issued two Security Directives aimed at passenger and freight railroad cybersecurity, continuing the government’s move to an increasingly regulatory approach to...more
The year 2021 will likely be seen as a defining moment in the history of cybersecurity enforcement. For the healthcare industry and government contractors, in particular, the government’s expanding focus on cybersecurity...more
Our one-day Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an updated advisory outlining the risks involved with facilitating ransom payments to malicious actors conducting...more
On September 21, 2021, the US Department of the Treasury took actions in response to the increasing prevalence and severity of ransomware attacks in the United States and address the central role that virtual currency and...more
Many companies have a “no ransomware payment” stance until faced with a ransomware attack, especially an attack that causes significant business disruption. At that point, the company may reconsider its stance (or at least...more