Public companies will soon face new cybersecurity disclosure requirements from the Securities and Exchange Commission (SEC), which voted last week to approve a controversial new cybersecurity rule. The final rule—which is...more
8/2/2023
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 10-K ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
On March 2, 2023, the White House Office of the National Cyber Director (ONCD) released the National Cybersecurity Strategy (“Strategy”). The Strategy outlines the Administration’s priorities for cyber regulations and policy....more
The White House released the long-anticipated National Cybersecurity Strategy on March 2, 2023 setting out five (5) pillars articulating key themes and Administration priorities. Coming more than two years into the Biden...more
3/2/2023
/ Biden Administration ,
CIRC ,
Corporate Counsel ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Justice (DOJ) ,
Executive Orders ,
FBI ,
IaaS ,
Information Technology ,
National Security ,
NIST ,
Popular ,
Ransomware
Congress has directed the U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) to create broad new rules for mandatory cyber incident reporting to be imposed on critical...more
Lyn Brown sits down with Kristina Walter, Chief of the Defense Industrial Base Cybersecurity within the National Security Agency’s Cybersecurity Collaboration Center, and Ben Kastan who is the Associate General Counsel for...more
Director of National Intelligence (DNI) Avril Haines was interviewed by Michele Flournoy, Co-Founder and Managing Partner at WestExec Advisors and former Under Secretary of Defense for Policy, on the first day of the RSA...more
Day 3 at RSA Conference 2022 was filled with fascinating discussions on enhancing our cyber defenses to defeat the ever-proliferating spate of increasingly common and expensive ransomware attacks....more
I am at the RSA Conference 2022 in San Francisco, my first time as a member of the private sector, since retiring from the FBI last year. I attended one of the keynotes on the first day of the conference, in between panels on...more
6/7/2022
/ Coronavirus/COVID-19 ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Hackers ,
Information Technology ,
Multi-Factor Authentication ,
Oil & Gas ,
Popular ,
Ransomware ,
Russia ,
Ukraine
Public comments in an ongoing cybersecurity proceeding at the National Institute of Standards and Technology (NIST) highlight the utility of a foundational cybersecurity document while also providing suggestions for its...more
In March 2022, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) requiring critical infrastructure to report significant cyber incidents and ransomware payments to the Cybersecurity...more
Public comments on updating the National Institute of Standards and Technology’s (NIST), the Framework for Improving Critical Infrastructure Cybersecurity (CSF), highlight private and public sector interest in this core...more
Late 2021 and early 2022 have been full of federal government activity related to cybersecurity incident reporting. Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 to require mandatory...more
3/21/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Protection ,
Department of Homeland Security (DHS) ,
Popular ,
Securities and Exchange Commission (SEC) ,
TSA
What: Publicly traded companies may soon be subject to additional cybersecurity reporting requirements. On March 9, 2022, the Securities and Exchange Commission (SEC) proposed rules and amendments to enhance and standardize...more
What: Cleared Defense Contractors (CDCs) are being actively targeted by Russian state-sponsored cyber activity, according to a Joint Cybersecurity Advisory from the Federal Bureau of Investigation (FBI), National Security...more
2/17/2022
/ Bad Actors ,
Controlled Unclassified Information (CUI) ,
Critical Infrastructure Sectors ,
Cyber Weapons ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Information Sharing Act (CISA) ,
Defense Sector ,
Department of Defense (DOD) ,
FBI ,
Federal Contractors ,
Information Technology ,
Intelligence Services ,
Multi-Factor Authentication ,
NIST ,
Passwords ,
Popular ,
Russia ,
Sensitive Business Information ,
Subcontractors ,
Technology Sector
In the next podcast episode of Wiley’s 2022 Privacy & Cyber Series, Wiley partner Megan Brown and special counsel Lyn Brown, who recently joined Wiley from the FBI, discuss ransomware, geopolitical tensions, and the race to...more
Federal agencies have been actively looking at cyber threats to critical infrastructure. In a January 27 announcement the White House said: “it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the...more
1/28/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Environmental Protection Agency (EPA) ,
Information Technology ,
Joe Biden ,
NDAA ,
Pipelines ,
Popular ,
Railways ,
Ransomware ,
Wastewater ,
Water ,
Wiretap Act
Amid a sharp rise in ransomware attacks over the past year, cyber gained prominence as a top business risk and national security concern – and 2022 is shaping up to be the year of cybersecurity standards and compliance....more
In the inaugural episode of Wiley’s 2022 Privacy & Cyber Series, Wiley partner Megan Brown and special counsel Lyn Brown, who recently joined Wiley from the FBI, discuss cyber trends that picked up speed in 2021 and offer...more
Privacy In Focus®-
In 2021, cyber gained prominence as a top business risk and national security concern with ransomware attacks wreaking havoc on business operations and critical infrastructure. Companies large and small,...more
1/19/2022
/ Asset Recovery ,
Bad Actors ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Decryption ,
Department of Justice (DOJ) ,
FBI ,
Hackers ,
National Security ,
NDAA ,
NIST ,
Office of Foreign Assets Control (OFAC) ,
Oil & Gas ,
Pipelines ,
Popular ,
Ransomware ,
Supply Chain
What: The Transportation Security Administration (TSA) has issued two Security Directives aimed at passenger and freight railroad cybersecurity, continuing the government’s move to an increasingly regulatory approach to...more
12/6/2021
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Enforcement Actions ,
Espionage ,
National Security ,
NIST ,
Owner-Operators ,
Popular ,
Railroads ,
Risk Assessment ,
Transportation Security Administration ,
TSA ,
Unauthorized Access
What: On November 16, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released Federal Government Cybersecurity Incident and Vulnerability Playbooks as part of the Biden Administration’s efforts to improve...more
11/18/2021
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Popular ,
Private Sector ,
Technology Sector
The Cybersecurity and Infrastructure Security Agency (CISA) issued a sweeping binding directive to federal agencies to patch hundreds of cybersecurity vulnerabilities that are considered major risks for cyber actors to cause...more
11/9/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Hackers ,
National Security ,
Popular ,
Private Sector ,
Technology Sector