News & Analysis as of

Cybersecurity National Institute of Standards and Technology Cyber Incident Reporting

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
J.S. Held

2025 J.S. Held Global Risk Report: Managing Cyber Risk

J.S. Held on

Cyber incidents such as the 2024 event involving Change Healthcare, which compromised the personal information of over 100 million people, highlight the evolving nature of cyber threats – increasingly becoming risk management...more

StoneTurn

2025 Incident Response Landscape: Practical Tips for Cybersecurity Readiness

StoneTurn on

Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more

Schwabe, Williamson & Wyatt PC

Coast Guard Tightens Up Cybersecurity Regulations

Schwabe, Williamson & Wyatt PC on

The maritime industry has become a prime target for hackers. In the last few years, it has seen a steep increase in the number of shipping-related cyberattacks. The recent surge marks a new and pressing challenge for ports...more

Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Wiley Rein LLP

FAR Council Unveils Long-Anticipated Rule for Controlled Unclassified Information

Wiley Rein LLP on

WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more

Woods Rogers

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

McCarter & English Blog: Government Contracts...

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

Blank Rome LLP

The FAR Council Publishes Long-Awaited CUI Rule

Blank Rome LLP on

On January 15, 2025, the Federal Acquisition Regulation (“FAR”) Council issued its long-awaited “CUI Rule.” CUI, or Controlled Unclassified Information, is information that the government creates or possesses, or that an...more

BakerHostetler

2024 SEC Cybersecurity Rule Updates

BakerHostetler on

The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more

Wiley Rein LLP

Updates on Cybersecurity Requirements for Government Contractors

Wiley Rein LLP on

Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more

Wiley Rein LLP

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

Wiley Rein LLP on

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

Wiley Rein LLP

Calls for Cybersecurity Regulatory Harmonization Ramp Up in Congress, White House

Wiley Rein LLP on

The proliferation of cybersecurity regulations has the White House and Congress calling for harmonization to streamline regulations, focus on reciprocity, and decrease compliance costs. Senator Gary Peters (D-MI), chair of...more

Clark Hill PLC

DOD Issues Class Deviation Regarding Cyber Security Requirements

Clark Hill PLC on

Earlier this month (on May 2, 2024) the Defense Department (DOD) issued Class Deviation—Safeguarding Covered Defense Information and Cyber Incident Reporting effective that day....more

Mayer Brown

US DoD Issues Class Deviation Delaying DFARS Implementation of Upcoming NIST SP 800-171, Revision 3

Mayer Brown on

On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. The deviation relates to contractors’ compliance with...more

Health Care Compliance Association (HCCA)

Privacy Briefs: April 2024

Health Care Compliance Association (HCCA) on

The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more

Wiley Rein LLP

Cybersecurity in 2024: Ten Top Issues to Consider

Wiley Rein LLP on

As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more

Bradley Arant Boult Cummings LLP

Network Topology and Network Mapping: The NIST Cybersecurity Framework – Part 2

Bradley Arant Boult Cummings LLP on

A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can...more

Bradley Arant Boult Cummings LLP

Federal Government Continues Its Big Push for Cybersecurity with SEC Action Against SolarWinds and Its CISO

Bradley Arant Boult Cummings LLP on

On October 30, 2023, the Securities and Exchange Commission (SEC) announced a civil suit against SolarWinds and their chief information security officer (CISO) for fraudulent cybersecurity information. The SEC claims that...more

Morrison & Foerster LLP

A New Frontier for SEC Cybersecurity Enforcement? The SEC Charges SolarWinds and its CISO with Securities Fraud

Morrison & Foerster LLP on

Earlier this week, the SEC accused SolarWinds Corporation (“SolarWinds” or the “Company”) and its Chief Information Security Officer (“CISO”) of committing scienter-based securities fraud, among other violations, for...more

Baker Donelson

Show Your Work: The SEC Cyber Rules and Documenting Materiality Analysis Under NIST FIPS 199

Baker Donelson on

The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more

Morrison & Foerster LLP - Government...

The FAR Council’s Proposed Cybersecurity Overhaul: Lots Of Questions, But Only Some Answers

Morrison & Foerster LLP - Government... on

In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Holland & Knight LLP

New Cybersecurity FAR Rules Poised to Have a Major Impact on Contractors

Holland & Knight LLP on

The Federal Acquisition Regulatory (FAR) Council on Oct. 3, 2023, issued two proposed rules to partially implement President Biden's Executive Order on Improving the Nation's Cybersecurity. The first proposed rule imposes...more

Ankura

Keeping Pace: The Evolution of Incident Response

Ankura on

Incident response (IR) has undergone a drastic transformation in the past two decades, adapting to the relentless evolution of the cyber threat landscape. In the early 2000s, as the internet became more deeply ingrained in...more

Wiley Rein LLP

CTIA Highlights Wireless Cybersecurity at MWC

Wiley Rein LLP on

On day two of Mobile World Congress (MWC), CTIA hosted a panel on “Promoting Security in a 5G World.” The panel discussed ongoing efforts by regulators and the ways that the wireless industry is responding to a changing...more

51 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide