DHS and Cyber: What Should Companies Expect?
This article is based on Carri Bennet’s April 9th presentation at the Palmetto Broadband Coalition Annual Convention in Greenville, S.C. In December 2024, the White House’s Deputy National Security Adviser for Cyber and...more
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector. Last week, the Cybersecurity and...more
Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more
The incoming Trump administration is expected to make several policy changes likely to impact tech transactions. President-elect Donald Trump has promised to reduce regulation and cut federal bureaucracy, which he says have...more
U.S. supply chain security is increasingly under threat. The White House’s National Security Strategy describes this moment as an inflection point. Many federal agencies have taken charge in elevating the very concept of...more
On September 17, 2024, electronic pagers and walkie-talkies belonging to members of Hezbollah exploded. Over the course of two days, several people were killed and wounded. This incident highlights the broad set of concerns...more
On July 19, Change Healthcare Ince. filed a breach report with HHS Office for Civil Rights (OCR) concerning its mammoth ransomware attack and breach. The organization’s breach report to OCR identifies just 500 individuals as...more
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
Cyber incidents involving critical infrastructure pose a serious risk to the US. In March 2024, the Environmental Protection Agency and the National Security Advisor warned state governors about potential attacks on drinking...more
The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the...more
On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Office of Management and Budget (“OMB”) released the highly-anticipated Secure Software Development Attestation Form (also known as the...more
The Cybersecurity and Infrastructure Security Agency (“CISA”) recently revised its Secure Software Development Attestation Common Form (after receiving over 110 comments on the initial draft), and is seeking additional...more
SEC Requests Comment on Incident Reporting NPRM for Certain Filings Affected by Technical Glitch: On October 18, the Securities and Exchange Commission (SEC) published a Notice announcing it has re-opened for 14 days the...more
Public comments in an ongoing cybersecurity proceeding at the National Institute of Standards and Technology (NIST) highlight the utility of a foundational cybersecurity document while also providing suggestions for its...more
Key Wireless Deadlines- FTC Seeks Comment on Petition for Rulemaking by NetChoice et al: The Federal Trade Commission (FTC) requests comment on a petition for rulemaking filed by NetChoice, Americans for Prosperity, Hispanic...more
Cybersecurity has emerged as a tangible risk for transportation service providers over the course of the last year. Ransomware attacks on domestic industry and critical infrastructure, and tensions associated with the Russian...more
Privacy In Focus®- In 2021, cyber gained prominence as a top business risk and national security concern with ransomware attacks wreaking havoc on business operations and critical infrastructure. Companies large and small,...more
On December 15, 2021, Congress passed the National Defense Authorization Act (NDAA or Act) for Fiscal Year (FY) 2022, which President Biden is expected to sign into law soon. As usual, the NDAA contains numerous provisions...more
On October 28, 2021, a bipartisan group of U.S. Senators introduced the Food Security is National Security Act of 2021 (the “Act”). Among other things, the Act would require the Committee on Foreign Investment in the United...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on April 29, 2021....more
The Cybersecurity & Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) jointly published a new resource as part of their ongoing efforts to promote awareness of, and help...more
The President’s new Executive Order on Improving the Nation’s Cybersecurity includes wide-ranging measures intended to strengthen security standards for the federal government and federal government contractors in response to...more
On Wednesday, the White House released a widely anticipated Executive Order on Improving the Nation’s Cybersecurity (EO). The EO addresses four major areas of cybersecurity maturity for the federal government and its private...more
On Wednesday, May 12, 2021, President Biden issued an ambitious and sweeping Executive Order focused on combating digital threats to US networks and infrastructure. The Executive Order on Improving the Nation’s Cybersecurity...more
The COVID-19 pandemic continues to impact the construction industry, and many countries continue to implement new or more stringent restrictions on entry into their borders. Those travel restrictions can impact any company...more