Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
The New York Department of Financial Services (DFS) has issued guidance, in the form of an industry letter, on addressing cybersecurity risks arising from artificial intelligence (AI) under its cybersecurity regulation, 23...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
The National Institute of Science and Technology (NIST) has released NIST Cybersecurity Framework (2.0) (Framework 2.0). NIST released two earlier versions of the Framework for Improving Critical Infrastructure Cybersecurity...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
The New York State Department of Financial Services (NYDFS) recently published a revised proposed second amendment to its cybersecurity regulation, 23 NYCRR 500. ...more
INTRODUCTION - As more of our lives and work become digitized, an inherent overlap continues to grow between data privacy and cyber security programs. Think of two similarly sized circles: in the past, data privacy and cyber...more
The National Institute of Standards and Technology (NIST) has released the second draft of its Artificial Intelligence (AI) Risk Management Framework (RMF) for comment. Comments are due by September 29, 2022. NIST, part of...more
Organizations are becoming increasingly reliant on external parties to manage parts of their business. The centralized knowledge, expertise, and economies of scale that third parties provide enables organizations to focus...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Produces Roadmap for Improving Critical Infrastructure Cybersecurity Version 1.1 - On April 25, the National Institute of Standards and Technology...more
A recent Harris Poll surveyed adults on the topic of corporate social responsibility and found, not surprisingly, that a majority of those asked stated that companies should – or perhaps “ought” – to have a mission beyond...more
The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
Last year’s proposed comprehensive framework for cybersecurity rules for large financial institutions is suddenly facing an uncertain future. With the comment period having closed as of February 2017, the framework was facing...more
The New York Department of Financial Services (NYDFS)’s finalized Cybersecurity Requirements for Financial Services Companies (“regulations”), went into effect on March 1, 2017. NYDFS has provided a 6 month safe harbor to...more
As we previously reported, in September 2016 the New York Department of Financial Services (the “DFS”) proposed a regulation that would require banks, insurance companies and other financial services institutions regulated by...more
Updates on the EU: German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers. On June 7, 2016, the European Commission adopted the EU-U.S. Privacy Shield. One question that many...more
On September 13, 2016, Governor Andrew Cuomo announced the first proposed broadly applicable cyber regulation in the U.S. (the “Regulation”). The Regulation covers banks, insurance companies and other financial institutions...more
In this edition of our Privacy & Cybersecurity Update, we examine the Sixth Circuit's decision to allow injury-in-fact to be established by alleging a "substantial risk of harm" in a data breach case, New York state's...more
On April 9, the New York State Department of Financial Services (NYDFS) released a report on bank vendor cybersecurity that highlights the risk that hackers will use third-party service providers to gain access to bank data....more