Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Organizations face increasingly sophisticated threats that can compromise data and disrupt business operations. This presentation will explore the role that digital forensics plays in an effective incident response plan using...more
On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more
The Cybersecurity and Infrastructure Security Agency (CISA) and its partners recently issued helpful guidance for entities that have limited resources to address cyber threats. The guidance, entitled “Mitigating Cyber Threats...more
Orrick Partner Beth McGinn joins RegFi co-hosts Jerry Buckley and Sasha Leonhardt for our second episode focused on the proposed American Privacy Rights Act and its potential impact on the financial services industry. Beth...more
On February 28, 2024, President Biden signed Executive Order 14117 (the EO), on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The United...more
Just over a year ago, the White House issued its long-awaited National Cybersecurity Strategy, with an emphasis on defending Critical Infrastructure, promoting public and private collaboration, and safeguarding...more
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
The Biden-Harris Administration is redoubling its efforts to improve cybersecurity for the nation’s water systems. In March, the EPA and the White House issued a dire warning to state governors alerting them of the need to...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky. Nonetheless, it is a necessary evil and crucial to cybersecurity hygiene and incident prevention....more
CYBERSECURITY - CISA, FBI + MS-ISAC Issue Warning on Phobos Ransomware - To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a...more
In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more
FTC Announces Proposed Settlement with Data Aggregator over its Alleged Selling of Precise Location Data - The Federal Trade Commission (“FTC”), on January 18, 2024, announced a proposed settlement with InMarket Media...more
In response to the number of successful, large-scale ransomware attacks affecting healthcare organizations nearly tripling since 2018, the Department of Health and Human Services (HHS) has released guidance outlining its...more
CYBERSECURITY- Mozilla Releases Security Updates for Thunderbird and Firefox - Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
Industrial automation platform Rapid SCADA contains seven key vulnerabilities. CISA recently published an advisory about seven vulnerabilities in Rapid SCADA—an open-source industrial automation platform that provides tools...more
CISA has added a new Ivanti vulnerability to its known exploited vulnerability catalogue. This vulnerability can be paired with other recently-reported vulnerabilities to permit threat actors to write malicious web shell...more
On December 15, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) issued a Secure by Design Alert and guidance on “How Manufacturers Can Protect Customers by Eliminating Default Passwords.”...more
On November 17, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released a supplemental mitigation guide for the healthcare and public health sector to the Cyber Risk Summary for those sectors published on...more
On November 1, 2023, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Department of Health and Human Services (“HHS”) co-hosted a roundtable discussion on the cybersecurity challenges that the US...more
It’s Cybersecurity Awareness Month, and this year marks the 20th anniversary of the campaign. Introducing “Secure Our World” as the central theme, the Cybersecurity Infrastructure and Security Agency (CISA) is on a...more
The Cybersecurity & Infrastructure Security Agency, FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515. According to the Alert, “this critical vulnerability...more
Cybersecurity vulnerability is emerging as a top-of-mind issue for transportation and logistics service providers, regulators, and criminals alike. Recent years have yielded headline-worthy ransomware attacks on domestic...more
CYBERSECURITY - CISA Launches Cybersecurity - Public Awareness Campaign To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and...more
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more