News & Analysis as of

Information Technology Cybersecurity Supply Chain

Morgan Lewis

Data Center Operations: Aligning Supply Chain, Compliance, and Customer Expectations

Morgan Lewis on

The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more

Hogan Lovells

Security Snippets: CISA publishes sector-specific cyber performance goals for IT and product design

Hogan Lovells on

The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector. Last week, the Cybersecurity and...more

Morrison & Foerster LLP

Commerce Rings in New Year with Proposed Rulemaking on Drones

The Department of Commerce (Commerce) Office of Information and Communications Technology and Services (OICTS) has broad authority—born out of executive action during the first Trump administration—to identify and mitigate...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Supply Chain Attacks in the UK: Reducing Risk and Preparing for Upcoming Legal Changes

Effective information security is no longer just dependent on an organisation’s own internal cybersecurity controls. The UK Information Commissioner’s Office (ICO) highlights that third-party service providers are processing...more

Perkins Coie

Cybersecurity for Lawyers: Open-Source Software Supply Chain Attacks

Perkins Coie on

In this post in our series on basic cybersecurity concepts for lawyers, we address open-source software (OSS) supply chain risk. OSS is software developed using an “open-source” protocol, meaning that its code is fully...more

Wiley Rein LLP

CYBER UPDATE: White House Seeks Regulatory Harmonization While Exploring a Pilot for Reciprocity Amid Proliferation of Regulations

Wiley Rein LLP on

Companies, particularly those in “critical infrastructure” sectors, have seen a dramatic increase in cybersecurity regulatory requirements in just the past few years – and the White House is looking to move faster. At the...more

Sheppard Mullin Richter & Hampton LLP

CISA Cyber Incident Reporting for Critical Infrastructure Will Significantly Impact Government Contractors, Suppliers, and Service...

The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the...more

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

Mayer Brown on

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more

Levenfeld Pearlstein, LLC

Addressing Cybersecurity Risks in the Construction Industry: 5 Things Companies in the Construction Industry Should Consider

Cybersecurity continues to be a top challenge for many companies and industry sectors, and the construction industry is no different. Additionally, certain characteristics of the construction industry make businesses more...more

Sheppard Mullin Richter & Hampton LLP

Interim Rule Effective in December Establishes Requirements for Contractors to Remove Identified Products and Services from the...

On October 5, 2023, the FAR Council released an Interim Rule on “Implementation of Federal Acquisition Supply Chain Security Act (FASCSA) Orders.” The Interim Rule implements requirements from Section 202 of the Federal...more

NAVEX

Risk Management 101: The Human Touch

NAVEX on

In the first part of Risk Management 101, we focused on the foundational elements of risk management. In part two, we’ll look at how the people who keep your organization running, with their unique insights, skills and...more

HaystackID

[Webcast Transcript] M365 for Law Firms and Lawyers: Purview Premium eDiscovery and Security, Capabilities and War Stories

HaystackID on

Editor’s Note: In a rapidly evolving technological landscape, understanding the capabilities and limitations of platforms like Microsoft 365 (M365) is crucial for law firms, especially in the realms of eDiscovery and...more

J.S. Held

Water Cybersecurity? EPA Mandates Regulations to Prevent Cyberattacks on Public Water Systems

J.S. Held on

EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more

Sheppard Mullin Richter & Hampton LLP

Federal Government Outlines New Security and Attestation Requirements for Software

Per Executive Order 14028, Improving the Nation’s Cybersecurity, the Office of Management and Budget (OMB) issued a memorandum on September 14, 2022 requiring federal agencies to only use software from software producers that...more

Robinson+Cole Data Privacy + Security Insider

NIST Releases Guidance on Supply Chain Security

The National Institutes of Science and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President...more

McDermott Will & Emery

Key Takeaways | Keeping the Lights On: Cyber Threat, Vulnerability and Oversight Considerations for the Energy Sector

McDermott Will & Emery on

During the latest webinar in our Energy Transition series, Partners Carl Fleming and Scott Ferber hosted PWC Principals Brad Bauch, US Power and Utilities Cybersecurity & Privacy Leader, and Mark Ray, Cybersecurity & Privacy,...more

Harris Beach Murtha PLLC

Division Y-Cyber Incident Report for Critical Infrastructure Act of 2022 Becomes Law, with Regulations Expected by 2025

Division Y – Cyber Incident Reporting for Critical Infrastructure Act of 2022 was signed into law by President Biden on March 15. Highlights of the Act include: ...more

Robinson+Cole Data Privacy + Security Insider

NIST Releases Request for Information to Improve Cybersecurity Framework and Supply Chain Risk Management

The National Institute of Standards and Technology (NIST) recently released a Request for Information (RFI) that seeks to gather information to help evaluate and improve cybersecurity resources for the cybersecurity framework...more

Amundsen Davis LLC

Top 5 Cyber Security Threats the Manufacturing Industry Should Watch in 2022

Amundsen Davis LLC on

Companies continue to see headlines about cyberattacks, but manufacturing companies, specifically, have become more targeted in the last few years. In the most recent issue of The Illinois Manufacturer, Molly Arranz and Sofia...more

K2 Integrity

Cyber Predictions 2022

K2 Integrity on

Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more

Sheppard Mullin Richter & Hampton LLP

Seeking HoNIST Opinions, Part II – NIST Invites Comments on Major Revision to Cyber Supply Chain Risk Management Practices and...

The National Institute of Standards and Technology (“NIST”) is seeking comments on its second draft of NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on October...more

Robinson+Cole Data Privacy + Security Insider

SolarWinds Hackers Focus on Downstream Vendors as Next Victims

In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more

Lighthouse

Cybersecurity Defense: Recommendations for Companies Impacted by the Biden Administration Executive Order

Lighthouse on

As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more

Sheppard Mullin Richter & Hampton LLP

NYDFS Issues Ransomware Guidance

The New York State Department of Financial Services recently announced new guidance addressing ransomware attacks, and highlighting cybersecurity measures to significantly reduce the risk of an attack. The guidance comes as...more

Hogan Lovells

Biden Administration issues New Executive Order to protect Americans’ sensitive data

Hogan Lovells on

On January 9, 2021, the Biden Administration issued Executive Order (EO) 14034, to further address the declared national emergency with respect to the information and communications technology and services (ICTS) supply...more

53 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide