Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. How this sweeping order will fare under the Trump Administration is difficult to...more
On April 4, 2024, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) officially published its Notice of Proposed Rulemaking (NPRM) detailing significant new cybersecurity...more
Editor’s Note: In this exploration of cybersecurity in the digital era, the article “Shifting Left in eDiscovery: Embracing Secure-by-Design and AI for Enhanced Cybersecurity” considers the crucial intersection of...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
As governments around the world begin to introduce new frameworks and standards addressing the responsible design, development, deployment and operation of artificial intelligence (AI) systems, chief compliance officers...more
On day two of Mobile World Congress (MWC), CTIA hosted a panel on “Promoting Security in a 5G World.” The panel discussed ongoing efforts by regulators and the ways that the wireless industry is responding to a changing...more
The Office of the National Cyber Director (ONCD) has extended the deadline to respond to its Request for Information (RFI) seeking public comment on "opportunities for and obstacles to harmonizing" cybersecurity regulations....more
As contemplated by PilieroMazza’s recent blog, the Cybersecurity and Infrastructure Security Agency (CISA) released a notice and request for comments on a new requirement for software producers to provide self-attestations...more
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more
The United States Department of Homeland Security announced on February 3, 2022 the formation of a 15 person Cyber Safety Review Board, (the “CSRB”), which will be led by Robert Silvers, the Department of Homeland Security...more
Under the new law, critical infrastructure owners and operators will be required to report significant cyber incidents to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...more
Amid the escalating conflict in Ukraine and concerns of Russian cyber threats to the United States, President Joe Biden recently signed a $1.5 trillion government spending deal with serious cybersecurity reporting obligations...more
This week the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) issued a “SHIELDS UP” advisory. While it does not identify specific threats in the advisory, CISA states that the “Russian...more
Given the deteriorating security situation in Eastern Europe and the potential for widespread cyber disruptions should hostilities break out, we urge clients to re-examine their cybersecurity posture. The U.S. Cybersecurity...more
This December, the Transportation Security Administration (TSA) issued a pair of Directives establishing cybersecurity measures for high-risk freight rail, passenger rail, and rail transit owners and operators. These...more
As highlighted in our December 10, 2021, article, the Apache Log4j vulnerability is garnering significant attention throughout the public and private sectors. There are reportedly upwards of 100 million devices and servers...more
On December 2, 2021, the US Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) announced two new Security Directives and additional guidance for voluntary measures to strengthen cybersecurity...more
On 2 December 2021, the United States Transportation Security Administration (TSA) released two Security Directives applicable to the rail industry that will require certain owners and operators to implement new cybersecurity...more
The legislation would require all federal contractors to report potential and actual cybersecurity incidents to the Department of Homeland Security. The Act would impose a 24-hour reporting requirement on federal...more
Less than a month after the high-profile ransomware attack against Colonial Pipeline, the Department of Homeland Security's (DHS) Transportation Security Administration (TSA) has issued its first-ever set of mandatory...more
CYBERSECURITY - FBI and DHS/CISA Issue Joint Alert on Mamba Ransomware - The Federal Bureau of Investigations (FBI) recently issued a joint alert with the Department of Homeland Security/Cybersecurity Infrastructure and...more
The Federal Bureau of Investigations (FBI) recently issued a joint alert with the Department of Homeland Security/Cybersecurity Infrastructure and Security Agency (CISA) that “Mamba ransomware has been deployed against local...more
The 117th Congress kicked off its First Session with, among other initiatives, oversight hearings on the SolarWinds cyber hack. On February 23, the Senate Intelligence Committee held a hearing on the high profile,...more
On December 13, 2020 the U.S. Department of Homeland Security announced that a compromise of U.S. government systems was associated with the malicious exploit of the IT service management tool SolarWinds Orion. The...more
Tech companies considering government business must anticipate risks, including from competitors. A forward-looking initiative from the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of...more