DHS and Cyber: What Should Companies Expect?
FCC Seeks Comment on Promoting the Integrity and Security of Telecommunications Certification Bodies, Measurement Facilities, and the Equipment Authorization Program: In this Notice of Proposed Rulemaking (NPRM), the Federal...more
On May 15th, after nearly a year of study, the Bipartisan U.S. Senate AI Working Group released its Roadmap for Artificial Intelligence (AI) Policy in the United States Senate. Based on insights collected during three...more
On April 30, 2024 the White House updated the foundational U.S. government policy that defines critical infrastructure (CI) sectors and establishes a coordination structure within the federal government to support owners and...more
On April 30, 2024, the White House announced that President Biden signed a new critical infrastructure memorandum, titled National Security Memorandum on Critical Infrastructure Security and Resilience ("NSM-22"). This new...more
New cybersecurity guidance for artificial intelligence (AI) systems, available here, was recently issued jointly by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the National Security Agency’s...more
On February 28, 2024, President Biden issued Executive Order 14117 on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (the EO). The EO empowers...more
In a joint release last week, the Cybersecurity and Infrastructure Security Agency (CISA) and other federal agencies issued a chilling Advisory about the ongoing attacks by Volt Typhoon on U.S. critical infrastructure. Volt...more
Welcome to Holland & Knight's monthly defense news update. We are excited to bring you the latest in defense policy, regulatory updates and other significant developments. ...more
2023 has been a big year for AI with the landmark Executive Order for Safe, Secure, and Trustworthy Artificial Intelligence (EO) adding to the already busy and dynamic AI landscape. Issued less than two months ago, the EO has...more
The cyber reporting landscape is rapidly shifting. Many agencies are developing rules, and a major player has been the U.S. Securities and Exchange Commission (SEC), with important questions arising about implementation of...more
On May 24, 2023, Microsoft announced the detection of a direct threat to critical infrastructure organizations in Guam and elsewhere in the United States. The alert attributed observed malicious activity to a state-sponsored...more
On September 27, 2023, The U.S. National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japanese National Police Agency (NPA), and...more
On September 19, 2023, the Department of Homeland Security (DHS) released a Report to Congress (Report) on the Harmonization of Cyber Incident Reporting to the Federal Government. The Report reflects on the 52 in-effect or...more
Background: In March 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) into law, ushering in a new era of enhanced cybersecurity measures. This legislation...more
In an era where our lives are ever more intertwined with technology, the security of digital platforms is a matter of national concern. A recent large-scale cyberattack affecting several U.S. federal agencies and numerous...more
On May 23, 2023, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware...more
The Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS) recently published a draft version of a Secure Software Development Attestation Common Form. The draft Common Form is...more
On April 27, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) issued a Notice of Agency Information Collection Activities to solicit public comments on a...more
On March 1, 2023, the White House released a new National Cybersecurity Strategy (the Strategy) documenting the Biden-Harris administration’s approach to improving cybersecurity across the digital ecosystem. The Strategy...more
On March 2, 2023, the White House Office of the National Cyber Director (ONCD) released the National Cybersecurity Strategy (“Strategy”). The Strategy outlines the Administration’s priorities for cyber regulations and policy....more
With cybersecurity risks increasing and evolving moving into 2023, the federal government is taking steps to help secure our cyber infrastructure. The recent passing of the 2023 omnibus spending agreement included additional...more
California Privacy Protection Agency Releases Revised Regulations - With the effective date less than three months away, and ahead of a Board Meeting on October 28 and 29, the California Privacy Protection Agency released...more
President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The background and contours of CIRCIA are discussed in a previous update. CIRCIA authorizes and...more
A proposed $1M civil penalty against Colonial Pipeline for its procedural failures during a ransomware attack could indicate what’s in store for critical infrastructure operators who fail to keep employees up to date on how...more
President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The enactment of CIRCIA follows attacks on critical infrastructure, such as the May 2021...more