DHS and Cyber: What Should Companies Expect?
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) collaborated with the Joint Cyber Defense Collaborative (JCDC) to hold the federal government’s first tabletop exercise for “AI security...more
The term “smart cities” has become popular parlance for municipalities’ attempts to enhance delivery of urban services and infrastructure through information and communications technology. While they may conjure images of...more
CYBERSECURITY - CISA Issues Advisory on Black Basta Ransomware - On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that...more
On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that have targeted over 500 private industry and critical infrastructure...more
In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency partners issued an Alert to operators of industrial control systems and small-scale operational technology systems in...more
To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a cybersecurity advisory warning organizations about the Phobos ransomware, and...more
On May 23, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a second edition of the #StopRansomware Guide (the Guide). The Guide, first published in September 2020, aims to help organizations reduce...more
In a joint letter this summer, the UK’s data protection regulator (the ICO) and the UK’s National Cyber Security Centre (the NCSC) sought to convey some key messages to the legal profession relevant to advising clients...more
On March 1st, the United States Senate passed a historic cybersecurity bill with bipartisan and unanimous support. This bill impacts operators of federal infrastructure and federal civilian agencies. The Strengthening...more
Russia’s full-scale military invasion of Ukraine is raising cybersecurity risks for American businesses. Corporate America must take immediate additional precautions to protect their networks in light of what is quickly...more
The United States Cybersecurity & Infrastructure Security Agency (CISA) recently issued a Joint Advisory providing an overview of 2021 ransomware trends, noting several key developments that employers should take note of. The...more
2021 was a game-changing year in cybersecurity, with high profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include Accellion, SolarWinds, Microsoft Exchange, Kaseya,...more
As companies scramble to address the newly exploited, ubiquitous Log4j vulnerability, companies’ actions are now the potential source for government scrutiny. Our Privacy, Cyber & Data Security Team summarizes what the Log4j...more
On Nov. 3, the Cybersecurity and Infrastructure Agency (CISA) released a Binding Operational Directive that establishes a catalog of known exploited vulnerabilities that carry significant risk to the federal enterprise...more
The federal government has been grappling with a holistic response to the massive uptick in destructive ransomware attacks that have bombarded the country in recent years. As part of that response, the Cybersecurity and...more
On May 28, the Department of Homeland Security’s Transportation Security Administration (TSA) released a new Security Directive to establish protocols to identify, protect against, and respond better and more quickly to...more
On May 11, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory (Advisory) that encourages critical infrastructure (CI) asset owners and...more
Companies face increasingly tough decision points in preparing for and responding to the proliferation of ransomware attacks. Our Privacy, Cyber & Data Strategy Group outlines seven issues for general counsel to consider as...more
In a lengthy Executive Order issued on May 12, 2021 (the “Order”), the Biden Administration has taken steps “to make bold changes and significant investments” in both public and private sector cybersecurity “in order to...more
As reported last week, it appears that a state-sponsored security hack has resulted in a major security compromise in widely-used software offered by a company called SolarWinds. The compromised software, known as Orion, is...more
The Cybersecurity and Infrastructure Security Agency (CISA) teamed up with the Federal Bureau of Investigation (FBI) to issue a joint warning of cyber-attacks emanating from Iran and targeting U.S. federal agencies and...more
Enforcement activity under the Obama administration often made headlines for the eye-popping level of fines, with the Foreign Corrupt Practices Act (FCPA), Anti-Money Laundering (AML) regulations, and economic sanctions...more