News & Analysis as of

Cybersecurity Incident Response Plans National Institute of Standards and Technology

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Mitratech Holdings, Inc

The Crucial Role of Business Impact Analysis (BIA) in Cyber Resilience

Mitratech Holdings, Inc on

Cyber threats aren’t a distant possibility — they’re a daily reality. And according to IBM’s Cost of a Data Breach Report, they’re costing businesses more than ever. The global average data breach cost has surged to $4.88...more

StoneTurn

2025 Incident Response Landscape: Practical Tips for Cybersecurity Readiness

StoneTurn on

Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more

Woods Rogers

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

Holland & Knight LLP

Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference

Holland & Knight LLP on

President Ronald Reagan famously quipped, "I think you all know that I've always felt that the nine most terrifying words in the English language are: I'm from the Government, and I'm here to help."1 At an Oct. 23-24, 2024,...more

Polsinelli

Cybersecurity for Critical Infrastructure Update – Incident Response Improves, Industry Standards Evolve

Polsinelli on

Critical infrastructure facilities are increasingly vulnerable to cybersecurity events, as demonstrated by the number of cyberattacks that have occurred this year against utilities including those in the energy sector...more

Association of Certified E-Discovery...

[Webinar] What Does CISA and NIST Say About Forensic Investigations During a Breach? - November 7th, 10:00 am PST

Association of Certified E-Discovery... on

In 2021 CISA released their Incident Response and Vulnerability Playbook, and in 2024 NIST updated their Cybersecurity Framework. Using the Playbook and Framework as a template, forensic teams can build a repeatable processes...more

Harris Beach Murtha PLLC

NY Department of Financial Services Issues AI Cybersecurity Guidance

Harris Beach Murtha PLLC on

The New York Department of Financial Services (DFS) has issued guidance, in the form of an industry letter, on addressing cybersecurity risks arising from artificial intelligence (AI) under its cybersecurity regulation, 23...more

EDRM - Electronic Discovery Reference Model

[Webinar] Data Risk & Resilience Part III - Digital Forensics in your Incident Response Plan - September 19th, 1:00 pm - 2:00 pm...

EDRM - Electronic Discovery Reference Model on

Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more

Association of Certified E-Discovery...

[Webinar] Digital Forensics in your Incident Response Plan - September 26th, 10:00 am PDT

Association of Certified E-Discovery... on

Organizations face increasingly sophisticated threats that can compromise data and disrupt business operations. This presentation will explore the role that digital forensics plays in an effective incident response plan using...more

EDRM - Electronic Discovery Reference Model

What Everyone Gets Wrong About Inherent Risk, and Why it Really Matters

EDRM - Electronic Discovery Reference Model on

Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more

McCarter & English Blog: Government Contracts...

NIST SP 800-171 Revision 3 Goes Final: Who’s Down with ODP?

McCarter & English Blog: Government Contracts... on

On May 14, 2024, the National Institute of Standards and Technology (NIST) dropped the third remix…er, revision…of its Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems...more

Troutman Pepper Locke

That’s a Wrap…or Not? Regulatory Data Incident Investigation Resolutions and the Path Forward

Troutman Pepper Locke on

As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more

Bradley Arant Boult Cummings LLP

Network Topology and Network Mapping: The NIST Cybersecurity Framework – Part 2

Bradley Arant Boult Cummings LLP on

A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can...more

Davis Wright Tremaine LLP

CISA, UK NCSC, and 17 Other Countries Issue Landmark Joint Guidelines for Secure AI System Development

Davis Wright Tremaine LLP on

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (UK NCSC), along with partner agencies from 17 nations, have released Guidelines for Secure AI System Development (the...more

Baker Donelson

Show Your Work: The SEC Cyber Rules and Documenting Materiality Analysis Under NIST FIPS 199

Baker Donelson on

The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Ankura

Implementing the NIST Privacy Framework – Protect Function

Ankura on

This is the final installment in a series of articles on the core functions of the National Institute of Standards and Technology (NIST) Privacy Framework where we cover the Protect function. As previously published in an...more

Holland & Knight LLP

Get Ready for HIPAA Questions on Your Recognized Security Practices

Holland & Knight LLP on

An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more

Goodwin

Biden Executive Order Likely to Push Private Sector Forward on Cybersecurity

Goodwin on

On May 12, President Biden signed an Executive Order on Improving the Nation’s Cybersecurity. The order comes on the heels of a number of recent widely reported cybersecurity crises, including the Solar Winds and Microsoft...more

King & Spalding

Ransomware on the Rise in Critical Infrastructure Sector

King & Spalding on

Recent ransomware attacks against U.S. critical infrastructure, which includes the energy sector’s production of oil and natural gas, and other sources of electricity and power, have shed a spotlight on the importance of...more

Skadden, Arps, Slate, Meagher & Flom LLP

Cybersecurity Challenges and Incident Response Preparedness During the Coronavirus Pandemic

Skadden, Arps, Slate, Meagher & Flom LLP on

The spread of the novel coronavirus has upended Americans’ lives in a matter of months. While life outside has ground to a standstill in many regions of the country, much of corporate America is meeting the unique challenges...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - May 2017

Skadden, Arps, Slate, Meagher & Flom LLP on

In this edition of our Privacy and Cybersecurity Update, we take a look at the Trump administration's executive order outlining its cybersecurity plans, Acting FTC Chairwoman Maureen Ohlhausen's comments on the possible...more

McAfee & Taft

Healthcare Records Held Hostage: When ransomware attacks

McAfee & Taft on

Imagine for a moment that your hospital or physician practice suddenly cannot access its electronic medical records. There hasn’t been a natural disaster. No, instead you are inexplicably staring at a computer screen from an...more

Farella Braun + Martel LLP

Cybersecurity and Data Breaches: How In-House Counsel Can Engage the Board

Farella Braun + Martel LLP on

A company's board of directors has a duty to oversee all aspects of the company's risk management efforts. This includes a duty to recognize and minimize the company's exposure to cyber attacks. In today's increasingly...more

Perkins Coie

New DoD Cybersecurity Rule and How Contractors Can Reduce Their Risks

Perkins Coie on

The Department of Defense (DoD) issued an interim cybersecurity rule in August 2015 that, among other things, revises the existing Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity clause and increases...more

29 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide