Cyber

Representatives Jim Langevin (D-RI) and John Katko (R-NY) have each announced that they will not be seeking re-election in November. Both legislators have focused considerable attention on cybersecurity issues, and on working with the other party to pass legislation addressing them. “You have a Republican and a Democrat, both who recognized the national security implications […]

The energy sector is already an attractive target for hackers, and a report from the UK’s Royal United Services Institute indicates that the growth of the renewable energy sector, creates cybersecurity risks from vulnerabilities in everything from power plants down to smart meters. A key issue is renewables’ use of new – and more pervasive […]

In new guidance, New York state’s attorney general urges businesses to incorporate safeguards to detect and prevent credential-stuffing attacks in their data security programs. This guidance – a kind uncommon from state AGs – is promoted by its finding that 1.1 million customer accounts at “well-known” companies had been compromised in automated attacks using usernames and […]

A new ruling by the Austrian Data Protection Authority traps EU/US data transfers between the General Data Protection Regulation and the Foreign Intelligence Surveillance Act, whose respective goals are fundamentally at odds. This case concerns data from a European company transferred to Google in the United States via Google Analytics. The Austrian DPA has ruled […]

CISA, in tandem with the FBI and NSA, has issued a Cybersecurity Advisory to warn organizations – especially critical infrastructure operators – to “adopt a...

The Lone Star Infrastructure Protection Act, a new Texas law that went into effect June 2021, prohibits Texas businesses and governments from contracting with entities owned or controlled by individuals from China, Russia, North Korea, and Iran, if the contracting relates to “critical infrastructure” and provides the foreign party remote access or control of the […]

The White House hosted a summit for representatives of federal agencies and major tech companies to discuss the security of open-source software, prompted in part by the vulnerability in the widely used Log4j logging utility. The goal was to identify ways to improve the security of open-source software and to support the collaborative communities that […]

The National Institute of Standards and Technology is developing its first Internet of Things Advisory Board, and is seeking nominations for members, who will serve two years each. The 16-member body and its working groups will research, analyze, and advise NIST on federal policy that might influence IoT devices and industries. Secretary of Commerce Gina […]

FCC chair Jessica Rosenworcel has circulated to her colleagues a Notice of Proposed Rulemaking to update the rules for notifying customers and federal law enforcement of breaches involving customer proprietary network information. The proposed “updates would better align the Commission’s rules with recent developments in federal and state data breach laws covering other sectors.” The […]

Public comments to recently published regulations governing compliance with the California Privacy Rights Act show that stakeholders sharply disagree on multiple areas of the CPRA. Seventy submissions totaling nearly 900 pages were published by the California Privacy Protection Agency during a forty-five day comment period. The agency solicited preliminary written comments from the public in […]