News & Analysis as of

Information Technology Cybersecurity National Institute of Standards and Technology

Davis Wright Tremaine LLP

FedRAMP 20x Initiative Promises Major Changes for Federal Cloud Service Providers

Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more

StoneTurn

2025 Incident Response Landscape: Practical Tips for Cybersecurity Readiness

StoneTurn on

Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more

Wiley Rein LLP

FAR Council Unveils Long-Anticipated Rule for Controlled Unclassified Information

Wiley Rein LLP on

WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more

Ankura

The Evolution of Password Management

Ankura on

In today's digital landscape, robust password management is critical to information security. With the increasing complexity of cyber threats, ensuring secure access to sensitive information has become more critical than...more

EDRM - Electronic Discovery Reference Model

[Webinar] Data Risk & Resilience Part III - Digital Forensics in your Incident Response Plan - September 19th, 1:00 pm - 2:00 pm...

Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more

Holland & Knight LLP

NIST Releases Three Post-Quantum Cryptography Standards

Holland & Knight LLP on

As discussed in a previous post, in 2022, the Quantum Computing Cybersecurity Preparedness Act ordered an examination of federal administrative agencies' data cryptography to prepare for a future where quantum computing is...more

Wiley Rein LLP

Policy Patches: An Update on Software Security Regulation

Wiley Rein LLP on

So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more

EDRM - Electronic Discovery Reference Model

What Everyone Gets Wrong About Inherent Risk, and Why it Really Matters

Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more

Guidepost Solutions LLC

AI Governance – The Ultimate Human-in-the-Loop

...As the world grapples with the rapid advancement of artificial intelligence (AI) technologies, concerns about the potential risks and unintended consequences have understandably taken center stage. While some advocate for...more

Wiley Rein LLP

Calls for Cybersecurity Regulatory Harmonization Ramp Up in Congress, White House

Wiley Rein LLP on

The proliferation of cybersecurity regulations has the White House and Congress calling for harmonization to streamline regulations, focus on reciprocity, and decrease compliance costs. Senator Gary Peters (D-MI), chair of...more

Wiley Rein LLP

CYBER UPDATE: White House Seeks Regulatory Harmonization While Exploring a Pilot for Reciprocity Amid Proliferation of Regulations

Wiley Rein LLP on

Companies, particularly those in “critical infrastructure” sectors, have seen a dramatic increase in cybersecurity regulatory requirements in just the past few years – and the White House is looking to move faster. At the...more

Wiley Rein LLP

New White House Policy Previews Increased Cybersecurity Oversight and Regulation

Wiley Rein LLP on

On April 30, 2024 the White House updated the foundational U.S. government policy that defines critical infrastructure (CI) sectors and establishes a coordination structure within the federal government to support owners and...more

PilieroMazza PLLC

CISA Unveils Final Self-Attestation Form for Software Producers Bidding on Federal Contracts

PilieroMazza PLLC on

In March 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released the final version of its secure software development self-attestation common form (Form), requiring federal government contractors who...more

Health Care Compliance Association (HCCA)

Privacy Briefs: April 2024

The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more

Woods Rogers

DoD Unveils Cybersecurity Strategy for Defense Industrial Base: What You Need to Know

Woods Rogers on

The United States Department of Defense (“DoD”) recently published its Defense Industrial Base Cybersecurity Strategy 2024. For context, the DIB is comprised of more than 100,000 domestic and foreign companies or...more

Health Care Compliance Association (HCCA)

Privacy Briefs: February 2024

The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more

White & Case LLP

The SEC’s Charges Against SolarWinds and its Chief Information Security Officer Provide Important Cybersecurity Lessons for Public...

White & Case LLP on

On October 30, 2023, the US Securities and Exchange Commission ("SEC") announced that it filed charges against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer ("CISO") in connection...more

Holland & Knight LLP

Winds of Change: SEC's SolarWinds Lawsuit Signals Hotter Cybersecurity Enforcement

Holland & Knight LLP on

The SEC on Oct. 30, 2023, filed a landmark cybersecurity enforcement action against SolarWinds Corp. (SolarWinds) and the company's current Chief Information Security Officer (CISO) Timothy Brown. The SEC's complaint alleges...more

Morrison & Foerster LLP - Government...

The FAR Council’s Proposed Cybersecurity Overhaul: Lots Of Questions, But Only Some Answers

In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more

Holland & Knight LLP

New Cybersecurity FAR Rules Poised to Have a Major Impact on Contractors

Holland & Knight LLP on

The Federal Acquisition Regulatory (FAR) Council on Oct. 3, 2023, issued two proposed rules to partially implement President Biden's Executive Order on Improving the Nation's Cybersecurity. The first proposed rule imposes...more

StoneTurn

Tips to Avoid the Common Fraudster: Lessons from Corporate Investigations

StoneTurn on

With scams evolving and growing in volume and maturity, it is more important than ever before to be vigilant about what information is available to nefarious actors. This article provides common scam scenarios, tips for...more

Robinson+Cole Data Privacy + Security Insider

NIST Releases AI Risk Governance Standards

As modern companies are increasingly adopting AI systems to automate and augment their businesses, many legal and compliance departments have cautioned against fully embracing this new and untested technology. Successful...more

Sheppard Mullin Richter & Hampton LLP

NIST Releases Initial Public Draft of NIST SP 800-171, Revision 3 for Protection of Sensitive Government Information

The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more

Sheppard Mullin Richter & Hampton LLP

Biden Administration Releases Highly Anticipated National Cybersecurity Strategy

On March 2, 2023, the Biden Administration released its National Cybersecurity Strategy. The Strategy represents the latest push by the Administration to focus on cybersecurity concerns, following the release of Executive...more

Wiley Rein LLP

White House Pivots on Cyber: Voluntary Compliance Carrots Are Being Replaced By Big Regulatory Sticks

Wiley Rein LLP on

The White House released the long-anticipated National Cybersecurity Strategy on March 2, 2023 setting out five (5) pillars articulating key themes and Administration priorities. Coming more than two years into the Biden...more

82 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide