Find Someone Observant: The Vital Role of Facility Security Officers
2023 DSIR Report Deeper Dive into the Data
Guidepost in Motion - Cybersecurity Frameworks and Metrics Part 2
Debra Geroux and Scott Wrobel on Responding to Data Breaches
The Internet of Things (“IoT”) has ushered in a new era of connectivity and convenience, but with it comes a host of legal issues and emerging theories of liability. As IoT devices become increasingly ubiquitous in our daily...more
On July 19, 2022, the National Institute of Standards and Technology (NIST) released a Pre-Draft Call for Comments, seeking feedback on improving its Controlled Unclassified Information (CUI) series of publications. The...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
As the COVID-19 pandemic and social distancing enforced remote work only accelerated the move to the cloud for many organizations, it should come as no surprise that the use of cloud-based solutions continues to be on the...more
The Domain Name System (DNS) is the most used service on the internet. It is the foundational technology that makes the internet possible, delivering all digital experiences and online services. The DNS is a global public...more
With cybercrime on the rise, organizations have increasingly found themselves subject to litigation or regulatory investigations related to breaches. Documents and information created before breaches, such as security...more
California has taken bold steps to regulate the privacy and security of personal information, creating unprecedented remedies for data breaches and recognized European-style rights for consumers in their data. On September...more
In an effort to phase out what many in the security world believe are threats to the cybersecurity posture of governmental agencies and private entities alike...more
The EU’s General Data Protection Regulation (GDPR), which went into effect in May 2018, requires companies to implement appropriate security measures when handling personal data....more
Last week, a D.C. federal judge ruled that an investigative reporter was not entitled to a 2014 cybersecurity study performed by an outside vendor detailing vulnerabilities in the Federal Election Commission’s information...more
The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more
Why it matters - As anticipated, the Federal Financial Institutions Examination Council (FFIEC) released its Cybersecurity Assessment Tool, providing a process for financial institutions' management to gauge their...more
Federal government contractors handling Controlled Unclassified Information (CUI) should take notice of two recent executive agency actions. Combined, they lay the groundwork for a new cybersecurity clause to be added to the...more