The President’s new Executive Order on Improving the Nation’s Cybersecurity includes wide-ranging measures intended to strengthen security standards for the federal government and federal government contractors in response to...more
5/20/2021
/ Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
DFARS ,
Encryption ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
FedRAMP ,
Joe Biden ,
Multi-Factor Authentication ,
National Security Agency (NSA) ,
NIST ,
OMB ,
Popular ,
Ransomware ,
Software ,
Supply Chain
President Biden signs relief bill into law and begins implementation.
President Biden has now signed the American Rescue Plan Act, a $1.9 trillion investment and stimulus package designed to address the ongoing COVID-19...more
3/12/2021
/ Affordable Housing ,
American Rescue Plan Act of 2021 ,
Child Care ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Economic Injury Disaster Loans ,
Economic Stimulus ,
Families First Coronavirus Response Act (FFCRA) ,
Immigrants ,
Joe Biden ,
Mortgages ,
Paycheck Protection Program (PPP) ,
Public Health ,
Public Schools ,
Relief Measures ,
Rental Assistance Programs ,
Restaurant Industry ,
State Aid ,
Vaccinations ,
Virus Testing
Creation of a new rapid response team signals regulators may turn today’s cyber examination priorities into tomorrow’s enforcement priorities.
The Securities and Exchange Commission, New York State Department of Financial...more
8/18/2020
/ Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Department of Homeland Security (DHS) ,
Digital Assets ,
EDGAR ,
FBI ,
First American Title Insurance Co. ,
IRS ,
NYDFS ,
OCIE ,
Popular ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Twitter
Transitioning the American workforce to telework presents a heightened risk of cybercrime and new challenges for businesses to protect sensitive data.
Mandatory “stay-at-home” orders have forced many businesses to rely on...more
Practical steps to address cybersecurity threats—precautions to prepare for the possible system impacts from COVID-19.
Organizations preparing for COVID-19 are testing and implementing business continuity plans to address...more
3/10/2020
/ Business Continuity Plans ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Protection ,
Infectious Diseases ,
Phishing Scams ,
Popular ,
Public Health ,
Remote Working ,
Risk Management ,
Telecommuting
Practical steps to address cybersecurity threats—what you should do when heightened tension in the Middle East or other events increase the threat of cybersecurity incidents.
- When news events or business initiatives turn...more
1/24/2020
/ Best Practices ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Information Technology ,
Policies and Procedures ,
Popular ,
Risk Mitigation ,
SHIELD Act
New cybersecurity and data privacy laws will impose substantial new obligations on businesses that collect information about residents of those states.
Regardless of their location or size, nonprofit organizations that...more
New law in New York State extends requirements on companies doing business with New York residents to have cybersecurity programs and expands New York’s breach notification requirements.
New law extends the reach of New...more
Financial institutions regulated by the New York Department of Financial Services (DFS)—referred to in this post as “Covered Entities”—should by now be well familiar with the department’s sweeping cybersecurity regulation, 23...more
The 2018 Midterm Election played out as most poll forecasters speculated. Although several races have yet to be decided, Republicans have retained control of the Senate, but lost at least 29 seats, allowing the Democrats to...more
11/8/2018
/ Corporate Counsel ,
Critical Infrastructure Sectors ,
Cross-Border ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Department of Transportation (DOT) ,
Deregulation ,
Energy Sector ,
Environmental Policies ,
Financial Services Industry ,
Food and Drug Administration (FDA) ,
Healthcare ,
Legislative Agendas ,
Popular ,
State and Local Government ,
Tax Reform ,
Trade Relations ,
Trump Administration
The DoD clarifies its expectation for full compliance to protect Controlled Unclassified Information (CUI) residing on Contractor Systems from cyber incidents.
A defense contractor’s updated and current System Security...more
12/21/2017
/ Cloud Computing ,
Controlled Unclassified Information (CUI) ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
NIST ,
Reporting Requirements
Takeaways
- Companies that suffer cyberattacks can expect not sympathy but scrutiny from legal authorities.
- D&O insurance can cover not only litigation but also investigation costs.
- Strategic negotiation of...more
9/22/2017
/ Attorney General ,
Civil Investigation Demand ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
D&O Insurance ,
Data Breach ,
Data Privacy ,
Derivative Suit ,
Errors and Omissions Policy ,
Government Investigations ,
Internal Investigations ,
Legal Costs ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
Risk Mitigation ,
Shareholder Litigation ,
Subpoenas ,
Unfair or Deceptive Trade Practices
Are criminal cyberattacks increasing in sophistication and frequency? Yes.
Is every company, in every industry, that collects or stores sensitive customer, employee, or business data vulnerable to cyberattacks?...more
Retirement plan sponsors face ever-evolving cyber-related threats to plan assets and participant personal information. To combat such threats, plan sponsors should proactively assess the third-party service providers’ ability...more
On January 22, 2016, the Food and Drug Administration (FDA) issued draft guidance titled “Postmarket Management of Cybersecurity in Medical Devices,” setting forth proposed recommendations for the medical device industry as...more
Commodity Futures Trading Commission (CFTC) Chairman Timothy Massad has recently stated that the CFTC may soon issue principles based standards that would require certain CFTC-regulated entities to conduct penetration,...more
On Tuesday, October 27, the U.S. Senate approved legislation, strongly supported by business groups, that would facilitate information sharing between government and industry and provide liability protection to companies that...more
Given the range of threats and the catastrophic impact an attack could have on an airline, strategizing to reduce the risk of breaches and implementing plans to deal with them once they occur should be prioritized at board...more
On May 20, 2015, the Commerce Department Bureau of Industry and Security (BIS) proposed to establish controls on the export of cybersecurity items. These items would be classified under new Export Control Classification...more
FireEye’s MVX and DTI Technologies become the first cybersecurity products to earn certification as “Qualified Anti-Terrorism Technologies.”
The Department of Homeland Security (DHS) crossed an important barrier in...more
On April 1, 2015, President Obama issued a groundbreaking Executive Order (E.O.) enabling the United States to sanction persons that have (1) participated in malicious cyber-enabled activities constituting a “significant...more
While not a much-discussed topic during campaign season, federal policy on cyber-security will likely see some material changes as a result of a Republican-controlled Senate. Just how significant those changes will be has yet...more
Today as companies increasingly realize the value of strong cybersecurity, those CIOs who successfully implement an effective cybersecurity system should be viewed as a critical part of the revenue generation effort. An...more
Words matter when it comes to cybersecurity.
With security concerns dominating today’s corporate planning from the Board on down, the CIO often comes in as a technical expert, providing an analysis of the threat...more
The U.S. House of Representatives took a major positive step towards increasing the nation’s cyber security posture today when, on a voice vote, it passed H.R. 3696, the “National Cybersecurity and Critical Infrastructure...more