News & Analysis as of

Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) Risk Management

Robinson+Cole Data Privacy + Security Insider

CISA Warns of Three New Vulnerabilities Actively Exploited by Threat Actors

On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more

Bradley Arant Boult Cummings LLP

HUD’s Federal Flood Risk Management Standard Final Rule to Help Communities Reduce Flood Damage, but Tradeoffs Draw Criticism

On April 22, 2024, the Department of Housing and Urban Development (HUD) published its final rule regarding updated flood insurance requirements in certain areas of the country: Floodplain Management and Protection of...more

Williams Mullen

EPA Chemical Facility Anti-Terrorism Standards Lapse

Williams Mullen on

It has now been more than six months since Congress allowed the statutory authority for the Chemical Facility Anti-Terrorism Standards (CFATS) program (6 CFR Part 27) to expire on July 28, 2023. EPA recently advised all...more

Nossaman LLP

Critical Infrastructure Organizations Warned to Upgrade Systems and Software

Nossaman LLP on

In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more

Mitratech Holdings, Inc

5 GRC Trends and Resolutions for a More Secure 2024

Elevate your resilience in the new year by understanding top GRC trends, patterns, and best practices across AI, TPRM, cyber risk, and more. As we step into 2024, technological advancements and an increasingly connected —...more

NAVEX

AI Frameworks Provide a Roadmap for Compliance Officers

NAVEX on

As governments around the world begin to introduce new frameworks and standards addressing the responsible design, development, deployment and operation of artificial intelligence (AI) systems, chief compliance officers...more

Troutman Pepper

FERC Staff Issues Report on Lessons Learned from 2023 CIP Audits

Troutman Pepper on

On December 12, 2023, FERC staff offered information and recommendations to help registered entities (i.e., users, owners, and operators of the bulk electric system) improve their compliance with mandatory Critical...more

Davis Wright Tremaine LLP

CISA, UK NCSC, and 17 Other Countries Issue Landmark Joint Guidelines for Secure AI System Development

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (UK NCSC), along with partner agencies from 17 nations, have released Guidelines for Secure AI System Development (the...more

Mitratech Holdings, Inc

Secure Our World: 4 Work-Related Security Best Practices for Cybersecurity Awareness Month

Mitratech Holdings, Inc on

It’s Cybersecurity Awareness Month, and this year marks the 20th anniversary of the campaign. Introducing “Secure Our World” as the central theme, the Cybersecurity Infrastructure and Security Agency (CISA) is on a...more

Robinson+Cole Data Privacy + Security Insider

CISA + FBI Issue Joint Advisory on AvosLocker Ransomware

The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more

King & Spalding

FDA Finalizes Premarket Cybersecurity Guidance for Medical Devices

King & Spalding on

On September 27, 2023, FDA finalized its guidance entitled “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions” (the “2023 Final Guidance”). The Final Guidance replaces...more

Robinson+Cole Data Privacy + Security Insider

CISA Launches Cybersecurity Public Awareness Campaign

To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and the National Cybersecurity Alliance will “focus on ways to “Secure Our...more

Robinson+Cole Data Privacy + Security Insider

Joint Advisory Warns of Snatch Ransomware

The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch...more

Robinson+Cole Data Privacy + Security Insider

CISA Issues Two Industrial Control Systems Advisories

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and exploits surrounding” Industrial Control Systems (ICS)....more

Robinson+Cole Data Privacy + Security Insider

Joint Advisory on MOVEit Transfer Vulnerability Published

CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The CLOP ransomware organization has been reportedly exploiting an SQL injection...more

Robinson+Cole Data Privacy + Security Insider

CISA Issues Three Advisories for Industrial Control Systems

On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more

NAVEX

Third-Party Risks Making Headlines in 2023 and How to Prepare

NAVEX on

Third parties have posed significant risks to companies for years, but perhaps more so now than ever before. Cyber threats, Russia sanctions, and a new wave of child labor in the United States are just a few risks making...more

Robinson+Cole Data Privacy + Security Insider

CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors

The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more

Mitratech Holdings, Inc

Emerging Cyber Risks in the US & UK

Mitratech Holdings, Inc on

Cyber risk management has significantly escalated in importance, during the last couple of years, as a result of companies overcoming the operational challenges of the pandemic, transitioning to hybrid working, preparing for...more

Robinson+Cole Data Privacy + Security Insider

CISA Recommends Following Microsoft’s Mitigation for Zero Day Exploits

Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more

McDermott Will & Emery

[Webinar] Regulators Mount Up! Recent Developments in Government Oversight of Cybersecurity - October 11th, 12:00 pm - 1:00 pm EDT

McDermott Will & Emery on

Government agencies at the state and federal levels are increasingly training their sights on the cybersecurity resiliency of companies in an array of industries. The US Securities and Exchange Commission has proposed rules...more

Robinson+Cole Data Privacy + Security Insider

CISA Adds 21 Known Vulnerabilities to Catalog

The Cybersecurity & Infrastructure Security Agency (CISA) added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog on May 23, 2022, due to active exploitation by cyber criminals. The vulnerabilities are a...more

Burr & Forman

FINRA Warns Against Russian-Sponsored Cyber Attacks

Burr & Forman on

In its April 27 Weekly Update, the Financial Industry Regulatory Authority’s (“FINRA”) National Cause and Financial Crimes Detection program urged FINRA member firms to review a cyber-threat alert arising from Russia’s...more

Robinson+Cole Data Privacy + Security Insider

Joint Cyber Alert Urges Organizations to Patch Known Vulnerabilities

As we have pointed out before, it is cumbersome yet critical, to patch vulnerabilities on a timely basis. Cyber-attackers move swiftly to take advantage of known vulnerabilities and are aware of the challenges organizations...more

ArentFox Schiff

Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act

ArentFox Schiff on

Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act - With the Notice of Proposed Rulemaking set for fall 2022, Colorado’s Attorney General office is currently inviting preliminary comments for...more

49 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide