Wondering Why Government Contractors Need to Take Cybersecurity Seriously – Criminals and Foreign Adversaries...
A federal grand jury recently indicted two Chinese nationals for an alleged ten-year hacking campaign originating in China, involving over eleven countries including the United States, Australia, and the United Kingdom. The campaign was reportedly discovered affecting computers at the Department of Energy’s Hanford Site – a nuclear clean-up site – and recently sought to […]
Under a $2.2 million pilot program that began in March, CISA has partnered with the Center for Internet Security to deploy software to election offices for use on laptops and servers used for voter registration and reporting vote totals, to detect malicious activity. Thirty state election offices have are using these endpoint detection and response […]
The Pentagon is trying to determine how Space Command and Space Force will fit into its cyber architecture. For example, there are no plans for Space Force to provide personnel to the cyber mission force, which feeds up to Cyber Command; instead each of the services will provide a set number of teams to it. […]
Data breach cases often turn on whether the threat of future identity theft suffices to establish Article III standing. Recently, the Middle District of Florida found In re Brinker Data Incident Litig., that plaintiffs who did not incur an unauthorized charge following a data breach, but instead immediately cancelled their compromised debit cards, failed to […]
Another Cybersecurity Wake Up Call: Connecticut Insurance Department Issues Guidance on Cyber Law Set...
The Connecticut Insurance Department has issued guidance for compliance with the Connecticut Insurance Data Security Law, which goes into effect October 1. The state law was modeled after the National Association of Insurance Commissioners Model Cybersecurity Law, which itself was modeled after the New York State Department of Financial Services cybersecurity regulation. Among other requirements, […]
CMMC Official Backs Light-touch Option for Continuous Monitoring of Defense Contractors’ Cybersecurity
The CMMC Accreditation Body is deliberating over a partner to continuously monitor contractors’ cybersecurity posture, and sympathizes with industry leaders who are hoping a...
The Office of Defense Procurement and Acquisition Policy has released four memoranda on cybersecurity compliance in less than three months, signaling an increased interest in validating contractor compliance with DFARS cybersecurity rules, which impose security and cyber incident reporting requirements on defense contractors who have access to Covered Defense Information. Smith Pachter McWhorter advises that […]
A bill from a House Republican would start to carry out recommendations from the Congressionally-chartered Cyberspace Solarium Commission. The bill has a lot to say about the Cybersecurity and Infrastructure Security Agency and other federal cyber efforts. House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection and Innovation ranking member John Katko (R-NY) joined Federal Drive […]
Federal agencies and the Office of Management and Budget (OMB) have taken steps to improve the management of information technology acquisitions and operations and ensure the nation’s cybersecurity through a series of initiatives, GAO reports. As of July 2020, federal agencies had fully implemented 64 percent of the 1,376 IT management-related recommendations that GAO has […]
The FBI and the Departments of Homeland Security and Defense have published information about Taidoor, a family of malware used since 2008 in hacking efforts led by the Chinese government. It has been used to target government agencies, entities in the private sector, and think tanks, in particular those with a focus on Taiwan. Cyber […]