DHS and Cyber: What Should Companies Expect?
In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
The cyber reporting landscape is rapidly shifting. Many agencies are developing rules, and a major player has been the U.S. Securities and Exchange Commission (SEC), with important questions arising about implementation of...more
On October 3, 2023, the FAR Council released two proposed rules for federal contractor cybersecurity requirements that relate to cyber threat and incident reporting and information sharing (case 2021-017) and standardizing...more
2022 proved to be an historic year for privacy and data security. Connecticut and Utah joined the list of states that have now passed comprehensive data privacy laws, bringing the total to five (5) states. For the first...more
What We’re Watching in 2023 - Happy New Year from the BR Data Privacy and Security Download! 2022 was a busy year for data privacy and security. State and federal regulatory agencies flexed their enforcement muscle, we...more
General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more
In a joint letter this summer, the UK’s data protection regulator (the ICO) and the UK’s National Cyber Security Centre (the NCSC) sought to convey some key messages to the legal profession relevant to advising clients...more
Ransomware attacks have become headline news in the mainstream media, and a hot topic not only on this blog but in government circles. And with good reason as the United States suffered a staggering 421.5 million ransomware...more
On March 15, 2022, President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which increased funding for the federal Cybersecurity and Critical Infrastructure Agency (CISA) and...more
The month of March has seen significant developments in the cybersecurity and data protection space. Here are four key legal developments that could be critical to your business. . . ...more
This is the seventh post in this year’s series examining important trends in white collar law and investigations. Our previous post discussed SEC Enforcement in 2022: A Look Ahead. Up next: ESG and the SEC: What’s Next on the...more
The Department of Justice recently announced a new initiative that aims to hold government contractors accountable when they fail to meet required cybersecurity standards. In announcing the “Civil Cyber-Fraud Initiative” in...more
Our one-day Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more
Many companies have a “no ransomware payment” stance until faced with a ransomware attack, especially an attack that causes significant business disruption. At that point, the company may reconsider its stance (or at least...more
The Texas Legislature, which meets every other year, pushed a change to its data breach notification law at the end of the session in late May, and yesterday Governor Greg Abbott signed the bill into law...more
Akin to the exasperations of the newly minted “homeschool teachers” the pandemic has created, the Biden administration’s recent Executive Order on Improving the Nation’s Cybersecurity (Order) is a mix of sound logic and utter...more
On August 12, 2020, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) reported an unknown malicious cyber actor sending phishing emails purporting to be from the Small Business...more
Overview of the Updated CISA Guidance - On April 17, the Cybersecurity and Infrastructure Security Agency (CISA), an agency within the Department of Homeland Security (DHS), issued the third version of its nonbinding...more
The Cybersecurity & Infrastructure Security Agency (CISA) just issued an updated memorandum listing the industries that contain the Essential Infrastructure Workforce – and it contains good news for many businesses that can...more
In Case You Missed It: U.S. Major party platforms address cybersecurity. The two major parties have released their 2016 election platforms, both of which include cybersecurity planks. The Republican platform’s perspective...more