News & Analysis as of

Cybersecurity National Institute of Standards and Technology Risk Assessment

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Mitratech Holdings, Inc

The Crucial Role of Business Impact Analysis (BIA) in Cyber Resilience

Mitratech Holdings, Inc on

Cyber threats aren’t a distant possibility — they’re a daily reality. And according to IBM’s Cost of a Data Breach Report, they’re costing businesses more than ever. The global average data breach cost has surged to $4.88...more

Hogan Lovells

NIST finalizes cybersecurity incident response framework profile aligned with CSF 2.0

Hogan Lovells on

On April 3, NIST published practical incident response guidance aligned with its CSF 2.0 framework. The guidance outlines best practices in security incident preparation and response for organizations mapped across each of...more

Schwabe, Williamson & Wyatt PC

Coast Guard Tightens Up Cybersecurity Regulations

Schwabe, Williamson & Wyatt PC on

The maritime industry has become a prime target for hackers. In the last few years, it has seen a steep increase in the number of shipping-related cyberattacks. The recent surge marks a new and pressing challenge for ports...more

Ropes & Gray LLP

A Very Merry NISTmas: 2024 Updates to the Cybersecurity and AI Framework

Ropes & Gray LLP on

The National Institute of Standards and Technology (NIST) has been a leading voice in cybersecurity standards since 2013, when President Obama’s Executive Order on Improving Critical Infrastructure Cybersecurity tasked NIST,...more

Harris Beach Murtha PLLC

NY Department of Financial Services Issues AI Cybersecurity Guidance

Harris Beach Murtha PLLC on

The New York Department of Financial Services (DFS) has issued guidance, in the form of an industry letter, on addressing cybersecurity risks arising from artificial intelligence (AI) under its cybersecurity regulation, 23...more

Holland & Knight LLP

15 Key Takeaways from the Final CMMC Program Rule Issued by DOD

Holland & Knight LLP on

The U.S. Department of Defense (DOD) has long questioned whether contractors and their supply chains have been fully compliant with existing cybersecurity requirements aimed at protecting Controlled Unclassified Information...more

BakerHostetler

(Cyber)Security Theater 101 - Georgia Tech, a Teachable Moment

BakerHostetler on

On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more

Perkins Coie

Cybersecurity for Lawyers: The NIST Cybersecurity Framework as a Tool and Reference

Perkins Coie on

In this post in our series on basic cybersecurity concepts for lawyers (see here and here for prior posts), we delve into the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0, which is a...more

EDRM - Electronic Discovery Reference Model

What Everyone Gets Wrong About Inherent Risk, and Why it Really Matters

EDRM - Electronic Discovery Reference Model on

Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more

Woods Rogers

DoD Unveils Cybersecurity Strategy for Defense Industrial Base: What You Need to Know

Woods Rogers on

The United States Department of Defense (“DoD”) recently published its Defense Industrial Base Cybersecurity Strategy 2024. For context, the DIB is comprised of more than 100,000 domestic and foreign companies or...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Federal Regulators Unveil Revised Final Guidance for Healthcare Cybersecurity and HIPAA Compliance

Ogletree, Deakins, Nash, Smoak & Stewart,... on

On February 14, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a new, final version of their guidance for...more

Oberheiden P.C.

Defense Department Looks to Update DFARS Cybersecurity Compliance Requirements

Oberheiden P.C. on

Over the holidays, the U.S. Department of Defense (DoD) issued proposed rules for updating its Cybersecurity Maturity Model Certification (CMMC) program from its existing Defense Acquisition Regulatory Supplement (DFARS)...more

Saul Ewing LLP

New Cybersecurity Guide Released

Saul Ewing LLP on

On February 16, 2024, the HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a final version of the cybersecurity resource guide (the “Guide”) with respect to the HIPAA...more

McCarter & English Blog: Government Contracts...

DoD’s Proposed CMMC Rule: Groundhog Day… or a Final Rule in the Works?

McCarter & English Blog: Government Contracts... on

On December 26, 2023, the Department of Defense (“DoD”) belatedly gifted defense contractors and subcontractors a Proposed Rule on the Cybersecurity Maturity Model Certification (“CMMC”) Program. DoD also released eight CMMC...more

Morrison & Foerster LLP - Government...

An Overview Of The Defense Department’s Long-awaited Proposed Regulations For Its Cybersecurity Maturity Model Certification...

Morrison & Foerster LLP - Government... on

The U.S. Department of Defense released a special holiday treat for government contractors and subcontractors last week in the form of long-promised proposed regulations for its Cybersecurity Maturity Model Certification...more

Bradley Arant Boult Cummings LLP

Evolution of the Chinese Hacking Threat: Risks for Government and Industry

Bradley Arant Boult Cummings LLP on

On May 24, 2023, Microsoft announced the detection of a direct threat to critical infrastructure organizations in Guam and elsewhere in the United States. The alert attributed observed malicious activity to a state-sponsored...more

Davies Ward Phillips & Vineberg LLP

Governance Insights: Get Smart on Artificial Intelligence (AI) and Corporate Governance: Key Considerations for Boards of...

Davies Ward Phillips & Vineberg LLP on

It has been one year since OpenAI released ChatGPT, arguably catalyzing today’s new wave of interest in AI. This surge of interest is driving substantial investments in AI technologies and a heightened urgency to address the...more

Davis Wright Tremaine LLP

CISA Releases Revised Draft of Secure Software Development Self-Attestation Form

Davis Wright Tremaine LLP on

The Cybersecurity and Infrastructure Security Agency (CISA) has released a revised draft of its Secure Software Development Attestation Common Form ("Form"). The Form, once finalized, will obligate vendors providing software...more

Morrison & Foerster LLP

A New Frontier for SEC Cybersecurity Enforcement? The SEC Charges SolarWinds and its CISO with Securities Fraud

Morrison & Foerster LLP on

Earlier this week, the SEC accused SolarWinds Corporation (“SolarWinds” or the “Company”) and its Chief Information Security Officer (“CISO”) of committing scienter-based securities fraud, among other violations, for...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Cozen O'Connor

Biden Administration’s Voluntary AI Safety Agreement

Cozen O'Connor on

The Biden administration announced that it brokered a voluntary agreement with several of the biggest technology and artificial intelligence (AI) companies. The agreement, available here, has the companies taking a number of...more

Clark Hill PLC

Right To Know - September 2023, Vol. 9

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

BakerHostetler

NYDFS Issues Revised Proposed Second Amendment to Its Cybersecurity Regulation

BakerHostetler on

The New York State Department of Financial Services (NYDFS) recently published a revised proposed second amendment to its cybersecurity regulation, 23 NYCRR 500. ...more

J.S. Held

What is an Information Security Framework and Why Do I Need One?

J.S. Held on

An information security framework, when done properly, will allow any security leader to more intelligently manage their organization's cyber risk. The framework consists of a number of documents that clearly define the...more

Perkins Coie

Sector-Based Cybersecurity Requirements for Critical Infrastructure, From Our Water Systems to the Skies

Perkins Coie on

Following the release of President Biden’s National Cybersecurity Strategy, Acting National Cyber Director Kemba Walden explained that the Biden Administration is “expecting more” from owners and operators in critical...more

48 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide