Tuesday, January 25, 2022

2021 Privacy and Cybersecurity Year in Review

2021 saw the kickoff of the Lina Khan era at the FTC. During her first nine months as chair, she has announced privacy and...

Katko Announced “CISA 2025” Initiative to Enhance CISA

Representative John Katko (R-NY), the ranking member of the House Homeland Security Committee, has introduced “CISA 2025,” an initiative to more than double the agency’s annual budget to $5 billion in the next 3 years. Katko argues that the agency is on a cusp between “strictly a regulatory agency” and “a collaborative agency, working with […]

FBI Just Wants Cyber Incident Reporting Law to Keep Them in the Loop

The FBI is asking that – however legislation is eventually written to require the reporting of cybersecurity incidents to the federal government – they be explicitly added to the loop. CISA has been identified in recent legislative drafts as the designated federal contact point. Bryan Vorndran of the FBI’s cyber division has explained that they are not […]

The Impact of Cybersecurity Regulations on the Financial Services Industry in 2022

Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration has emphasized a shift toward mandatory cybersecurity requirements. Financial regulatory agencies have since issued new cybersecurity regulations that will impact financial services industries in 2022, and they should respond in three ways: Develop or update written information security/cybersecurity programs and implement robust cybersecurity standards. […]

GAO Audit of SolarWinds Response

The Government Accountability Office reports that information sharing between federal agencies was “slow, difficult and time consuming” as they worked to respond to the SolarWinds cyberattack last year. The friction occurred between the private and public sectors, and between agencies, particularly with different levels of classification for information. GAO proposes a centralized forum that could […]

Top Public Sector Cybersecurity Threat

According to SolarWinds’ Public Sector Cybersecurity Survey Report, careless/untrained employees are no longer regarded as the sector’s greatest cybersecurity concern. Scored by IT operations and security decision makers at 52%, they now place slightly lower than hackers (56%), but still higher than foreign governments (47%). The rankings vary by subsector, however, with federal civilian agencies […]

Log4j Vulnerability Prompts Insurance Commissioners to Issue Guidance

On December 11, 2021, in partnership with the FBI and NSA, CISA announced a critical remote code execution vulnerability had been identified in the...

The Log4j Vulnerability: What This Critical Vulnerability Means for Your Enterprise

As companies scramble to address the newly exploited, ubiquitous Log4j vulnerability, their actions are now a potential source of government scrutiny. Our Privacy, Cyber & Data Security Team summarizes what the Log4j vulnerability is and how it’s being exploited, the recent Federal Trade Commission admonition to take the vulnerability seriously, and published guidance from the […]

The Cyberlaw Podcast: The FTC Jumps Into Log4j Cleanup With One Foot

In the latest edition of the Cyberlaw Podcast, Steptoe attorneys discuss the FTC’s focus on cyber enforcement, China’s tech regulatory landscape, a purported conflict between a pair of top White House cyber advisors, and more. More at Lawfare

Log4j and SolarWinds Offer Similar Lessons

Log4j, the most visible cybersecurity threat since SolarWinds, has organizations scrambling to find and fix instances of certain software. Gordon Bitko, former FBI CIO, now senior vice president of policy at the Information Technology Industry Council, joined Federal Drive to discuss the situation. He says the two incidents are totally different technically, but offer the […]