Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Earlier this month, Secretary of the Department of Homeland Security (DHS) Kristi Noem announced plans to disband the Critical Infrastructure Partnership Advisory Council (CIPAC). First created in 2006, CIPAC is a...more
On January 16, 2025, President Joe Biden issued the “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” a comprehensive directive designed to address the growing complexity and...more
Amidst an ever-evolving cyber threat landscape, a recent slew of regulatory updates and cybersecurity standards are defining a new battlefront for securing critical infrastructure and corporate data across varying sectors....more
The Cybersecurity and Infrastructure Security Agency (CISA), a division of the Department of Homeland Security, has proposed a rule that would govern whether, when, and how companies in critical infrastructure sectors report...more
On April 4, 2024, the United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) released for public comment its long-awaited proposed rules to implement the Cyber Incident...more
On April 4, 2024, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) officially published its Notice of Proposed Rulemaking (NPRM) detailing significant new cybersecurity...more
Just over a year ago, the White House issued its long-awaited National Cybersecurity Strategy, with an emphasis on defending Critical Infrastructure, promoting public and private collaboration, and safeguarding...more
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
The Biden-Harris Administration is redoubling its efforts to improve cybersecurity for the nation’s water systems. In March, the EPA and the White House issued a dire warning to state governors alerting them of the need to...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more
On December 12, 2023, FERC staff offered information and recommendations to help registered entities (i.e., users, owners, and operators of the bulk electric system) improve their compliance with mandatory Critical...more
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (UK NCSC), along with partner agencies from 17 nations, have released Guidelines for Secure AI System Development (the...more
Following the White House’s Executive Order on AI, the Cybersecurity & Infrastructure Security Agency (CISA) issued its Roadmap for Artificial Intelligence this week “which is a whole-of-agency plan aligned with national AI...more
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more
Third parties have posed significant risks to companies for years, but perhaps more so now than ever before. Cyber threats, Russia sanctions, and a new wave of child labor in the United States are just a few risks making...more
The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and...more
Last week classes for elementary schools, high schools and a community college in Boston were canceled due to a cyberattack. Last month an Arkansas school district approved a payment of $250,000 to cybercriminals to retrieve...more
On November 9, 2022, the New York Department of Financial Services (NYDFS) published proposed amendments to significantly expand Cybersecurity Requirements for Financial Services Companies under 23 NYCRR 500 (the “NYDFS...more
Through Aerospace & Defense Insights, we share with you the top legal and political issues affecting the aerospace and defense (A&D) industry. Our A&D industry team monitors the latest developments to help our clients stay in...more
The Cybersecurity and Infrastructure Security Agency (CISA) issued a request for information (RFI) on the new cyber incident reporting requirements for critical infrastructure owners as required by the Cyber Incident...more
The Cybersecurity and Infrastructure Security Agency (“CISA”) released a “Sharing Cyber Event Information” Fact Sheet on April 7 that may preview its implementation of the new federal government cyber incident reporting...more
Under the new law, critical infrastructure owners and operators will be required to report significant cyber incidents to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...more
On Monday, March 21, 2022, the White House issued a statement warning of "evolving intelligence" that the Russian government may launch cyberattacks aimed at the United States in response to sanctions arising from Russia's...more
On Monday, March 21, 2022, President Biden issued a statement “reiterating [prior] warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks” against the United States...more