No Password Required: LIVE From Sunshine Cyber Con
An Update On IOT Device Breaches, Framework, And Legislation
Your Cyber Minute: Importance of the GDPR to the global business community
Your Cyber Minute: The Implications of the GDPR for Cybersecurity
How to Respond to President Obama's Cybersecurity Executive Order
On November 1, 2024, the next phase of several significant amendments to the New York Department of Financial Services’ (NYDFS) cybersecurity regulation take effect. These specific amendments, enacted in 2023, impact the...more
BACKGROUND - On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter, Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks,...more
On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued guidance and strategies (“Guidance”) concerning cybersecurity risks that arise in response to the advancements in artificial intelligence...more
On October 16, 2024, the New York Department of Financial Services (“NYDFS”) released an Industry Letter—entitled Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks (the “Letter”)....more
This month is the 21st annual Cybersecurity Awareness Month, cosponsored by the Cybersecurity and Infrastructure Agency (CISA) and the National Cybersecurity Alliance. This year’s theme is “Secure Our World,” continuing what...more
It has been a busy month for cyber and privacy regulation in Australia. On the heels of the proposed amendments to the Privacy Act 1988 released just under a month ago, three further draft Bills relating to cyber security...more
INTRODUCTION - The acceleration of the rate of cyber-attacks against companies in Hong Kong in the last year or so (with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of...more
The ubiquity of artificial intelligence (AI) has heightened companies’ exposure to cyberattacks of increasingly greater sophistication. Our Privacy, Cyber & Data Strategy Team explores how businesses can enhance their...more
Introduction It wouldn't be much of an exaggeration to say that NIS2 is the acronym on everyone's lips. When coupled with its European sister legislation DORA, we encounter a regulatory twosome that make GDPR feel like...more
October is here, and as we prepare for pumpkin spice lattes, fall sweaters, and scary decorations, there's one thing your business can't afford to ignore this month: cybersecurity. Welcome to Hack-tober, or as it's officially...more
In this post in our series on basic cybersecurity concepts for lawyers (see here and here for prior posts), we delve into the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0, which is a...more
Cyber regulation is changing in Australia. As governments globally grapple with the everchanging and increasingly challenging cyber landscape, Australia is poised to implement new laws and update existing regulation in order...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
Earlier this year, the National Institute of Standards and Technology (NIST) issued an update to its Cybersecurity Framework (CSF) with the release of version 2.0, the first update since April 2018 (version 1.1). While the...more
Tamiko Fletcher —CISO at Kennedy Space Center With a Heart of Gratitude Tamiko Fletcher’s career at NASA began in 1999 as a cooperative education student. Her journey to CISO over the following 20 years is nothing short of...more
In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws. The National Institute of Standards and Technology (“NIST”)...more
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps... On December 26, 2023, the US...more
In response to “multiple” cyber threat vectors, the Biden administration has asked governors of all 50 states to generate cybersecurity plans within 90 days (approximately July 1, 2024) to protect local water and wastewater...more
In its first major overhaul since 2014, the National Institute of Standards and Technology (NIST) updated its Cybersecurity Framework (CSF) on February 26, 2024. The updated 27-page CSF version 2.0 builds on version 1.1 and...more
NIST has updated its widely used Cybersecurity Framework to provide key updates and practical resources for organizations to manage and discuss cybersecurity risk. The updated framework, which remains voluntary, is designed...more
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the Cybersecurity Framework version 2.0 (CSF 2.0). CSF 2.0 is a generational update to NIST’s foundational cybersecurity guidance, which...more
The National Institute of Science and Technology (NIST) has released NIST Cybersecurity Framework (2.0) (Framework 2.0). NIST released two earlier versions of the Framework for Improving Critical Infrastructure Cybersecurity...more
Cybersecurity compliance, governance, and disclosure practices have evolved significantly over the past decade. As we have noted in prior blog posts, the U.S. Securities and Exchange Commission is requiring cybersecurity...more
2023 was another active year in cybersecurity, with high profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include pervasive ransomware attacks targeting the healthcare,...more
On November 1, 2023, the New York Department of Financial Services (NYDFS) announced the adoption of amendments to its Cybersecurity Regulation 23 NYCRR Part 500 (“Amended Cybersecurity Rules” or “Amended Rules”). NYDFS...more