Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
FCC Solicits Comment on Amending Accessibility Rules for IVCS: In this Further Notice of Proposed Rulemaking (FNPRM) the Federal Communications Commission (FCC or Commission) requests further comment on whether to amend its...more
In 2021, Congress created the Internet of Things Advisory Board (IoTAB) within the Department of Commerce and charged it with providing advice to the Internet of Things Federal Working Group, a collaboration of Federal...more
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (UK NCSC), along with partner agencies from 17 nations, have released Guidelines for Secure AI System Development (the...more
The AI executive order moves the U.S. closer to a broader unified approach on federal AI regulation, expanding on the AI Bill of Rights and NIST AI Risk Management Framework and focusing on the responsible development and...more
Welcome to The On-Ramp, the newsletter from Venable's Autonomous and Connected Mobility team. The On-Ramp explores legal and policy developments in the world of autonomous vehicles, smart infrastructure, emerging mobility...more
The Office of the National Cyber Director (ONCD) has extended the deadline to respond to its Request for Information (RFI) seeking public comment on "opportunities for and obstacles to harmonizing" cybersecurity regulations....more
Voluntary Commitments Ensuring Safe, Secure and Trustworthy AI Prominent generative AI companies, including Meta, OpenAI, Microsoft, Google, Anthropic and Inflection, committed to a voluntary set of guidelines negotiated by...more
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more
On November 15, 2021, President Joe Biden signed into law the Infrastructure Investment and Jobs Act (IIJA), unleashing over $1 trillion of federal money to strengthen the nation’s infrastructure and fund other key programs...more
The past two decades have produced intense focus on information security to protect data. This priority remains important. But the change in administrations and the Continental Pipeline incident have redirected attention...more
The recent spate of apparently eastern European cyberattacks on important U.S. commercial interests—from SolarWinds to Colonial Pipeline—should force all of us to step back and review how we organize our world. Many crucial...more
To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) recently issued a report on best practices to...more
JONES DAY CYBERSECURITY, PRIVACY & DATA PROTECTION ATTORNEY SPOTLIGHT: Richard Martinez - Europe's new General Data Protection Regulation ("GDPR") is driving an evolution in corporate privacy practices globally. As...more
Power Company Fined for Contractor Copying Data to its Own Insecure Network - Vendor management continues to be a problem for all industries, but some are scarier than others. The North American Electric Reliability Corp....more
Cybersecurity risks to the nation's critical infrastructure (CI) – defined as 16 CI sectors, including transportation and maritime – continue to grow exponentially. The incoming Trump Administration has made it clear that...more
If you are the CEO of Google, Facebook, Verizon, Comcast, Exxon or Boeing, don’t read this. You have a team of lawyers working for you who have already spent hours analyzing President Obama’s Cybersecurity executive order...more
A tempting response to the Cybersecurity Executive Order (the "Order"), announced by President Obama at his State of the Union address, is to ignore it. It is vague in key particulars, such as which companies are part of the...more
During his State of the Union address on February 12, 2013, President Barack Obama announced his signing of a long-anticipated Executive Order on cybersecurity. After months of discussions with technology companies the...more
On February 12, 2013, President Obama signed an Executive Order (the Order) intended to enhance the cybersecurity of the country's critical infrastructure. According to the Order, "[t]he cyber threat to critical...more
On February 12, 2013, President Obama issued a long-anticipated Executive Order concerning cybersecurity entitled Improving Critical Infrastructure Cybersecurity. The Executive Order marks a major milestone in the Federal...more
Order will create a voluntary Cybersecurity Framework for designated critical infrastructure within a year. On February 12, President Barack Obama signed an executive order directing the Department of Homeland Security...more
As President Obama delivered his fifth State of the Union speech to Congress on February 12, 2013, he simultaneously issued a highly anticipated Executive Order (“the Order”) focused on improving cybersecurity in the United...more
“America must … face the rapidly growing threat from cyber-attacks. Now, we know hackers steal people’s identities and infiltrate private emails. We know foreign countries and companies swipe our corporate secrets. Now our...more
On February 12, 2012, President Obama signed an Executive Order as well as a complementary Presidential Policy Directive intended to improve the flow of information and cyber-threat intelligence between government agencies...more
The long-awaited cybersecurity executive order (EO), which will ultimately establish national cybersecurity standards for critical infrastructure, was issued by President Obama on February 12, 2013. At the same time, the...more