Protection of Critical Infrastructure via LIPA and ICTS
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more
The European Insurance and Occupational Pensions Authority recently published the European Commission’s response (Q&A 2999) on the question of which services fall under the definition of “ICT services” under Article 3(21) of...more
This alert was originally published on January 21, 2025, and updated on January 22, 2025, to reflect President Trump’s comments that additional 10% tariffs may be imposed on China on February 1. On January 20, 2025,...more
Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
Digital Operational Resilience Act (DORA) aims to harmonize provisions related to cybersecurity and information and communication technology (ICT) risk management in the financial sector. Its scope covers nearly all entities...more
DORA is now applicable, imposing requirements in respect of ICT risk management and digital operational resilience. Firms should be preparing their register of information ready for sharing with the CBI in April....more
The United States Department of Commerce issued an advance notice of proposed rulemaking under its “information and communications technology and services” (ICTS) regulations on Friday to solicit comments from U.S. industry...more
The EU’s Digital Operational Resilience Act (DORA) becomes binding on 17 January 2025. As the compliance deadline approaches, EU financial regulators (ESAs) have issued a flurry of statements on the act, including: - An...more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
The EU’s Digital Operational Resilience Act (DORA) comes into force from 17 January 2025. Under DORA, in-scope regulated financial services (FS) businesses operating in the EU (Firms) face new cybersecurity requirements and...more
On June 20, 2024, the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) issued a Final Determination prohibiting the sale of certain cybersecurity products, anti-virus software, and related services to...more
On June 24, 2024, the Commerce Department published a Final Determination under its Information and Communications Technology and Services (ICTS) authorities. The determination prohibits the Russian-controlled cybersecurity...more
On June 20, 2024, Commerce’s Bureau of Industry and Security issued a Final Determination prohibiting Kaspersky Lab, Inc. from directly or indirectly providing anti-virus software and cybersecurity products or services in the...more
Ford Motor Company Agrees to $365M Settlement for Attempted Tariff Engineering Ford has agreed to settle the long-standing dispute over the tariff classification of vans imported from 2009 to 2013. At the time, Customs and...more
On March 1, 2024, at the direction of President Biden, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) published an Advanced Notice of Proposed Rulemaking (ANPRM) seeking public comment on the proposed...more
We continue to track developments affecting government contractor cybersecurity and supply chains, as the federal government churns out proposals and rules. Wiley’s supply chain, cyber, government contracts, and national...more
On December 14, 2023, the House of Representatives passed the National Defense Authorization Act for Fiscal Year 2024 (NDAA), following the Senate’s passage a few days earlier. The President is expected to sign the NDAA into...more
On June 16, 2023, the U.S. Department of Commerce (“Commerce”) issued a long-awaited final rule (the “Final Rule”), effective July 17, 2023, related to the Information and Communications Technology Supply Chain. Among other...more
There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more
On June 16, the U.S. Department of Commerce published a final rule, to be effective July 17, implementing the Protecting Americans’ Sensitive Data From Foreign Adversaries and amending the Securing the Information and...more
DORA is set to transform how European based Financial Institutions enhance the operational resilience of their critical business processes. With an implementation date of 17th January 2025 the evolving nature of the...more
On March 7, 2023, a bipartisan group of US Senators introduced legislation that would enhance the ability of the executive branch to restrict information and communication technology ("ICT") products and services linked to...more
Concerns over the potential threat posed by information and communications technology (ICT) products and services, such as TikTok, to the United States’ economic and national security have been ruminating for some time now....more
Much is being written about “remote work” – is it productive, will demand for it continue or be curtailed in a recession, is cybersecurity compromised, does it inhibit workplace culture, collaboration, etc. Lots of questions,...more
As attorneys engaged in telecom, media, and technology work, we are constantly thinking about not just where the law is today, but where it’s going. Critical to that analysis is understanding how the information and...more