On January 8, 2025, the U.S. Department of Justice (Department or DOJ) issued new rules required by then-President Biden’s February 2024 Executive Order (EO) 14117 to establish a new regulatory framework aimed at “Preventing...more
4/4/2025
/ Biometric Information ,
China ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Executive Orders ,
Final Rules ,
National Security ,
New Regulations ,
Popular ,
Reporting Requirements ,
Sensitive Personal Information
On March 19, 2025, the White House released Executive Order (EO) 14239, Achieving Efficiency Through State and Local Preparedness, which calls for a comprehensive review of and changes to many long-standing federal...more
As we noted in Federal Cybersecurity Policy in 2025: What to Watch in Changing Times, key parts of the Cybersecurity Information Sharing Act of 2015 (CISA 2015), the United States’ foundational cybersecurity information...more
As President-Elect Trump’s second Administration begins in January 2025, businesses face a critical juncture with potential shifts in regulatory focus across industries and sectors including artificial intelligence,...more
11/13/2024
/ Artificial Intelligence ,
Chevron Deference ,
Consumer Financial Protection Bureau (CFPB) ,
Cryptocurrency ,
Data Privacy ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
Environmental Protection Agency (EPA) ,
Ethics ,
Federal Contractors ,
Federal Election Commission (FEC) ,
Healthcare ,
International Trade ,
National Security ,
Presidential Elections ,
Regulatory Reform ,
Securities and Exchange Commission (SEC) ,
Toxic Substances Control Act (TSCA) ,
Trump Administration ,
USTelecom
On October 21, 2024, the U.S. Department of Justice (Department or DOJ) and the U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued proposals – required by the...more
10/24/2024
/ Biden Administration ,
Biometric Information ,
CFIUS ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Exempt Transactions ,
Foreign Entities ,
International Emergency Economic Powers Act (IEEPA) ,
National Security ,
NPRM ,
Prohibited Transactions ,
Recordkeeping Requirements ,
Reporting Requirements ,
Restricted Transactions ,
Sensitive Personal Information
Companies, particularly those in “critical infrastructure” sectors, have seen a dramatic increase in cybersecurity regulatory requirements in just the past few years – and the White House is looking to move faster. At the...more
On April 30, 2024 the White House updated the foundational U.S. government policy that defines critical infrastructure (CI) sectors and establishes a coordination structure within the federal government to support owners and...more
On March 5, 2024, the Department of Justice (DOJ) issued an Advance Notice of Proposed Rulemaking (ANPRM) regarding Access to Americans’ Bulk Sensitive Personal Data and Government-Related Data by Countries of Concern. The...more
3/14/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Artificial Intelligence ,
Big Data ,
Cross-Border ,
Customer Proprietary Network Information (CPNI) ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Framework ,
Data Transfers ,
Department of Justice (DOJ) ,
Executive Orders ,
Military Service Members ,
National Security ,
Popular ,
Sensitive Personal Information ,
USTR ,
WTO
On March 1, 2024, at the direction of President Biden, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) published an Advanced Notice of Proposed Rulemaking (ANPRM) seeking public comment on the proposed...more
3/11/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Automotive Industry ,
Bureau of Industry and Security (BIS) ,
Connected Cars ,
Critical Infrastructure Sectors ,
Department of Justice (DOJ) ,
Executive Orders ,
Foreign Adversaries ,
Information and Communication Technology (ICT) ,
National Security ,
OEM ,
U.S. Commerce Department
For most filers, the U.S. Securities and Exchange Commission’s (SEC) new Form 8-K rules for reporting material cybersecurity incidents took effect yesterday, December 18, 2023. The rule has been controversial and created some...more
The cyber reporting landscape is rapidly shifting. Many agencies are developing rules, and a major player has been the U.S. Securities and Exchange Commission (SEC), with important questions arising about implementation of...more
12/14/2023
/ Corporate Counsel ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
FBI ,
National Security ,
Public Disclosure ,
Public Safety ,
Risk Management ,
Securities and Exchange Commission (SEC)
As heated debate continues over possible changes to the Foreign Intelligence Surveillance Act (FISA), which is poised to expire later this month, we wanted to provide some perspective on a few practical issues. As former DOJ...more
12/13/2023
/ Cyber Threats ,
Data Collection ,
Department of Justice (DOJ) ,
Electronic Communications ,
Espionage ,
FBI ,
FISA ,
Intellectual Property Protection ,
National Security ,
NDAA ,
Popular ,
Senate Judiciary Committee ,
Surveillance
On December 18, the Securities and Exchange Commission's (SEC) new disclosure requirements go into effect and will require public companies to publicly report material cybersecurity incidents within four days of making a...more
12/12/2023
/ Cyber Incident Reporting ,
Cybersecurity ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
FBI ,
Governance Standards ,
National Security ,
Public Safety ,
Publicly-Traded Companies ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
On March 2, 2023, the White House Office of the National Cyber Director (ONCD) released the National Cybersecurity Strategy (“Strategy”). The Strategy outlines the Administration’s priorities for cyber regulations and policy....more
The White House released the long-anticipated National Cybersecurity Strategy on March 2, 2023 setting out five (5) pillars articulating key themes and Administration priorities. Coming more than two years into the Biden...more
3/2/2023
/ Biden Administration ,
CIRC ,
Corporate Counsel ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Justice (DOJ) ,
Executive Orders ,
FBI ,
IaaS ,
Information Technology ,
National Security ,
NIST ,
Popular ,
Ransomware
Privacy In Focus®-
In 2021, cyber gained prominence as a top business risk and national security concern with ransomware attacks wreaking havoc on business operations and critical infrastructure. Companies large and small,...more
1/19/2022
/ Asset Recovery ,
Bad Actors ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Decryption ,
Department of Justice (DOJ) ,
FBI ,
Hackers ,
National Security ,
NDAA ,
NIST ,
Office of Foreign Assets Control (OFAC) ,
Oil & Gas ,
Pipelines ,
Popular ,
Ransomware ,
Supply Chain
What: The Transportation Security Administration (TSA) has issued two Security Directives aimed at passenger and freight railroad cybersecurity, continuing the government’s move to an increasingly regulatory approach to...more
12/6/2021
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Enforcement Actions ,
Espionage ,
National Security ,
NIST ,
Owner-Operators ,
Popular ,
Railroads ,
Risk Assessment ,
Transportation Security Administration ,
TSA ,
Unauthorized Access
The Cybersecurity and Infrastructure Security Agency (CISA) issued a sweeping binding directive to federal agencies to patch hundreds of cybersecurity vulnerabilities that are considered major risks for cyber actors to cause...more
11/9/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Hackers ,
National Security ,
Popular ,
Private Sector ,
Technology Sector