Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
Whether the game is football, baseball, hockey, or Indy Car racing, no team goes into their major championship matchup without training. Companies need to train as well if they intend to operate on the internet and expect to...more
MIT Report Details New Cybersecurity Risks - “Cloud misconfigurations, more sophisticated ransomware, and vendor exploitation attacks are contributing to rising cyberattacks.” Why this is important: Worldwide spending...more
Start Planning Now to Reduce Your Increased Money Laundering, Sanctions, and Conflicts of Interest Risks The introduction and use of generative artificial intelligence (GenAI) and predictive data analytics (PDAs) by...more
Despite your best efforts, you have been hit by ransomware. You are locked out of your system, and you can provide no services to your customers, clients or patients. From a business perspective, you need to get your system...more
Privacy In Focus®- In 2021, cyber gained prominence as a top business risk and national security concern with ransomware attacks wreaking havoc on business operations and critical infrastructure. Companies large and small,...more
We have all read about the high-profile malicious cyber-attacks and ransomware demands and payments. The Colonial Pipeline case demonstrated how responsive law enforcement can be in tracking down perpetrators and recovering...more
Report on Patient Privacy 21 no. 9 (September, 2021) - As ransomware attacks become epidemic and breaches get larger, the Biden administration is partnering with private industry to bolster security and education in an...more
Recent ransomware attacks against U.S. critical infrastructure, which includes the energy sector’s production of oil and natural gas, and other sources of electricity and power, have shed a spotlight on the importance of...more
Best Practices to Detect and Prevent File-Less and Click-Less Malware - Hackers are clever at exploiting weaknesses in an organization’s systems. They are also efficient. After an organization installs robust cybersecurity...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - United States and China Renew Promise Not to Hack - On October 4, U.S. and Chinese officials agreed to not engage in targeted hacking. Per a...more
In this edition of our Privacy and Cybersecurity Update, we take a look at the Trump administration's executive order outlining its cybersecurity plans, Acting FTC Chairwoman Maureen Ohlhausen's comments on the possible...more
The latest publication by the National Institute of Standards and Technology (NIST), entitled “Small Business Information Security: The Fundamentals,” aims to promote and assist small businesses in their efforts to manage...more
As financial institutions of all sizes continue to face unprecedented cybersecurity risk, the Federal Financial Institutions Examination Council (FFIEC) released its Cybersecurity Assessment Tool. The Assessment is...more
Part of Bradley Arant’s Privacy and Information Security Team’s seven-part Data Breach Toolkit Webinar Series, the “Data Breach Response Planning: Laying the Right Foundation” webinar, led by Paige Boshell and Amy Leopard,...more
State breach notification statutes are being amended on almost a monthly basis. Several laws have, or will soon have, a mandatory notification deadline for notifying affected individuals after the discovery of the incident....more
Is Controlled Unclassified Information Out of Control? The OMB apparently thinks so. On August 11, 2015, the Obama administration, through the Office of Management and Budget (OMB), which is the largest office within the...more
As part of the government’s recent clarion call to improve our individual and collective cybersecurity posture, several federal and state agencies have released a variety of guidelines, frameworks, best practices and tips. ...more
The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more
Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more
In 2013 alone, the U.S. Department of Homeland Security (DHS) and its Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to more than 256 cyber-incident reports—more than half of them in the energy...more
The Office of Management and Budget (OMB) released a draft guidance document on Aug. 11, 2015, titled “Improving Cybersecurity Protection in Federal Acquisitions” (the “OMB Guidance”). The OMB Guidance instructs agencies on...more
In response to a growing demand for cybersecurity guidance in the health care industry, the National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence, recently published a...more
Higher education institutions are treasure troves for hackers. Colleges and universities are huge repositories of research data, sensitive information for large populations of applicants and enrolled students (personal,...more
The Department of Justice (DOJ) recently announced the largest coordinated international law enforcement effort ever directed at an online cyber-criminal forum. Financial institutions and other companies should consider...more