Tuesday, October 26, 2021

Subscribers Only

Free

Virtual Currency Platforms and Ransomware Attacks: OFAC Highlights Overlap of Sanctions and Cybersecurity Risks

In the past month, the Office of Foreign Assets Control of the US Department of Treasury has issued two advisories that highlight the heightened...

Deputy AG Monaco Suggests Liability Protections for Breach Reports

To further incentivize incident disclosures, Deputy Attorney General Lisa Monaco suggests that a business that tells the DOJ about a cyberattack they’ve experienced could find support from the agency with legal challenges resulting from the incident. Explaining the direct benefits of going to law enforcement, Monaco said the department would purse arrests and financial recovery, […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

U.S. Taking “Aggressive Whole-of-Government” Approach to Address Ransomware

Mieke Eoyang, the deputy assistant secretary of defense for cyber policy, says the federal government is broadening how it addresses ransomware attacks and other aggression from Russia, China, and independent cyber actors. She promises “an aggressive, whole-of-government effort aimed at trying to hold the individuals accountable, deny them access to their proceeds, working with the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Justice Department Takes the FCA Online

The DOJ has announced two major cyberspace-related enforcement initiatives: The Civil Cyber-Fraud Initiative will pursue FCA actions targeting individuals and entities that receive federal funds and knowingly (1) provide deficient cybersecurity products or services; (2) misrepresent their cybersecurity practices or protocols; or (3) violate obligations to monitor and report cybersecurity incidents and breaches. It will […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

DOJ Announces Civil Cyber-Fraud Initiative to Use False Claims Act to Enforce Cybersecurity Standards...

The announcement of the Civil Cyber-Fraud Initiative reflects a broader focus on cybersecurity across the federal government and ongoing evolution on appropriate cybersecurity standards in a dynamic threat environment. Historically, the government has treated cybersecurity standards as material conditions of government contracts and has used the FCA to pursue cases and damages when a contractor […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

DHS Cyber Talent Management System Preparing to Go Live

On November 15, CISA will go live with its new Cyber Talent Management System, which gives agency managers more leeway in recruiting and retaining cybersecurity personnel by letting them define both the position and its pay grade. In particular, salaries can be tied to prevailing wages outside the federal government – which are typically higher […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

California Broadens Security and Breach Laws, Includes Genetic Data

California recently updated both its data security and breach notice laws to include genetic data. With the passage of AB 825, the data security law now includes in the definition of “personal information” genetic data. The information needs to be “reasonably protected.” While many other states have similar “reasonable protection” requirements in their data security […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

The Growth and Evolution of Disruptionware

Cyberattacks are an increasingly common presence in the news, and disruptionware has emerged as a popular — and particularly nefarious — type of attack....

Defense Digital Service Contracts for Revenge of the SITH

The Defense Digital Service has launched the SITH (System for Insider Threat Hindrance): a new project to automate DoD processes for tracking and raising earlier awareness of insider threat risks. DDS has awarded a $14.8 million contract to TrussWorks to develop the system, with the goal to deliver a prototype to the Defense Counterintelligence and […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Inglis Discusses Public-Private Partnerships on Cyber

National Cyber Director Chris Inglis supports developing public-private partnerships with critical infrastructure operators to defend against cyberattacks, but not at the expense of holding those companies liable for failures to follow best practices. The idea of giving such businesses a level of protection from liability in lawsuits over successful attacks on their systems, in exchange […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.