Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
Whether the game is football, baseball, hockey, or Indy Car racing, no team goes into their major championship matchup without training. Companies need to train as well if they intend to operate on the internet and expect to...more
MIT Report Details New Cybersecurity Risks - “Cloud misconfigurations, more sophisticated ransomware, and vendor exploitation attacks are contributing to rising cyberattacks.” Why this is important: Worldwide spending...more
We have now reached the 180-day mark since the White House Executive Order (EO) on the Safe, Secure and Trustworthy Development of AI and we are seeing a flurry of mandated actions being completed. See here for a summary of...more
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the NIST Cybersecurity Framework 2.0 (CSF 2.0). CSF 2.0 represents the first major update to the Cybersecurity Framework, which was...more
Corporations have struggled to manage cybersecurity risk for years, and now they have a new tool to help them bring order to chaos: a new and improved cybersecurity risk management framework, released at the end of February...more
In its first major overhaul since 2014, the National Institute of Standards and Technology (NIST) updated its Cybersecurity Framework (CSF) on February 26, 2024. The updated 27-page CSF version 2.0 builds on version 1.1 and...more
The National Institute of Standards and Technology released an updated version of its Cybersecurity Framework, CSF 2.0. earlier this week. The CSF, initially launched in 2014, is a tool developed by NIST to help private...more
President Biden signed an Executive Order regarding artificial intelligence (“AI”) on October 30, 2023 (the “Order”). The Order touts the importance of responsible development and use of AI and calls for collaboration between...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more
On October 30, 2023, the Biden administration released a far-reaching executive order (EO) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI). The EO issues directives related to the use...more
On Oct. 30, the Biden administration took a decisive step into the future by issuing the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence....more
Biden’s sweeping AI Executive Order sought to have artificial intelligence used in accordance with eight underlying principles. The order, while directed to government agencies, will impact businesses as well. In particular,...more
Artificial intelligence (“AI”), including generative AI (“GAI”), has gained significant momentum in recent months due to its potential to transform how organizations create content, automate tasks, and provide personalized...more
On October 30, 2023, the Biden Administration issued the groundbreaking Executive Order 14110 on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (Order), which sets in motion a comprehensive...more
The AI executive order moves the U.S. closer to a broader unified approach on federal AI regulation, expanding on the AI Bill of Rights and NIST AI Risk Management Framework and focusing on the responsible development and...more
On October 30, 2023, President Biden issued an “Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence” designed to spur new AI safety and security standards, encourage the development of privacy-preserving...more
In this month’s Privacy & Cybersecurity Update, we analyze the Biden administration’s proposed cybersecurity labeling program for smart devices, NIST’s extensive overhaul of its cybersecurity framework, and data privacy law...more
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach. Originally published in Reuters -August 24, 2023...more
In response to a constantly-evolving cyber threat landscape, the Biden Administration recently announced the launch of a new cybersecurity labeling program – the U.S. Cyber Trust Mark program – in an effort to enhance...more
On May 11, 2023, Governor Bill Lee signed the Tennessee Information Protection Act (TIPA) into law. Tennessee now joins the rapidly increasing group of states, California, Utah, Colorado, Connecticut, Virginia, Iowa and...more
The National Institute of Standards and Technology is updating the security standards that govern the protection of sensitive government information. NIST recently released an initial public draft for comment. The document...more
It has been an active legislative season, with numerous states advancing new data privacy laws. In May, Indiana, Montana, and Tennessee joined Iowa in adopting new privacy laws, while the legislature in Texas sent an omnibus...more
The Tennessee governor has signed Tennessee’s comprehensive privacy law, which as we have indicated will go into effect July 1, 2025. As initially proposed, the law would have been effective July 1, 2024, and would have...more
Welcome to the latest edition of Updata! Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team – it provides you with a compilation of key privacy and cybersecurity...more