The federal Cybersecurity and Infrastructure Security Agency (CISA) released a draft of its proposed rule detailing how covered entities operating in critical infrastructure sectors report cyberattacks and ransomware payments...more
3/28/2024
/ Biden Administration ,
Comment Period ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Preservation ,
Data Privacy ,
New Legislation ,
New Rules ,
Popular ,
Proposed Rules ,
Public Comment ,
Reporting Requirements
The U.S. Department of Defense (DoD) released a proposed rule to implement its Cybersecurity Maturity Model Certification (CMMC) program, which would establish a comprehensive set of cybersecurity requirements applicable to...more
3/1/2024
/ Applications ,
Certifications ,
Contractors ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Privacy ,
Department of Defense (DOD) ,
Federal Contractors ,
Popular ,
Privacy Laws ,
Proposed Rules ,
Regulatory Requirements ,
Small Business ,
Subcontractors
The updated data breach notification rules broaden the definition of what is considered a breach and expand the scope of who must be notified when a data breach occurs.
The Federal Communications Commission (FCC or...more
This month, the Securities and Exchange Commission (SEC) proposed new cybersecurity disclosure rules for publicly traded companies. The comment period is ongoing, but the take-away for public companies is immediate: a public...more
Supreme Court of Virginia Declines Certified Questions from Federal Court in In re: Capital One Consumer Data Security Breach Litigation -
The lawsuit In re: Capital One Consumer Data Security Breach Litigation, has already...more
11/30/2021
/ Capital One ,
Contract Claims ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Economic Loss Doctrine ,
Negligence ,
Personal Information ,
Popular ,
Security Breach ,
VA Supreme Court
Even as the world slowed in 2020, threat actors picked up their pace and used work-from-home infrastructure to spread malicious attacks. These bad actors also exploited trusted software vendors from Solar Winds to Microsoft,...more
Rarely do Virginia and California fall into the same camp on legislation, but that may change with Virginia’s Consumer Data Privacy Act (the “Act”). The Virginia House of Delegates overwhelmingly passed the Act on January...more
2/11/2021
/ Cybersecurity ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Protection ,
Legislative Agendas ,
Pending Legislation ,
Personal Data ,
Popular ,
Regulatory Agenda ,
State and Local Government ,
State Data Privacy Laws