On September 28, 2021, Senators Gary Peters and Rob Portman, respectively Chairman and Ranking Member of the Homeland Security and Government Affairs Committee, introduced a bipartisan bill that would require owners and operators of critical infrastructure to notify the Director of the Cybersecurity and Infrastructure Security Agency within 72 hours of having a reasonable belief that a covered cyber incident has occurred.
Continue Reading U.S. Senators Introduce Bipartisan Bill on Reporting Critical Infrastructure Cyber Incidents and Ransomware Payments

On September 22, 2021, Secretary of Homeland Security Alejandro N. Mayorkas and Secretary of Commerce Gina Raimondo released a joint statement on the Department of Homeland Security’s issuance of preliminary Critical Infrastructure Control Systems Cybersecurity Performance Goals and Objectives. The Preliminary Goals identify nine overarching control system cybersecurity performance goals, each containing specific objectives to support the deployment and operation of secure control systems.
Continue Reading DHS Issues Cybersecurity Guidance for Critical Infrastructure Firms

On September 14 and 15, 2021, the National Institute of Standards and Technology held a public workshop, as part of its effort to create a consumer labeling program to communicate the security capabilities of consumer Internet of Things devices and software development practices, as mandated by the Biden administration’s May 2021 Executive Order on Improving the Nation’s Cybersecurity.
Continue Reading NIST Holds a Two-Day Public Workshop on Cybersecurity Labeling Programs for Internet of Things Devices and Software

On September 14, 2021, the U.S. House Committee on Energy and Commerce voted in favor of a legislative recommendation that would create a new FTC privacy bureau as part of the proposed $3.5 trillion federal budget reconciliation package.
Continue Reading U.S. House Committee Votes to Create New FTC Privacy Bureau and Appropriate $1 Billion to the Agency

In July 2021, the U.S. Department of Homeland Security’s Transportation Security Administration announced a new Security Directive requiring owners and operators of certain critical pipelines transporting hazardous liquids and natural gas to implement specific cybersecurity measures.
Continue Reading U.S. Department of Homeland Security Announces Additional Pipeline Cybersecurity Directive

On July 28, 2021, President Biden signed a National Security Memorandum that formally establishes an Industrial Control Systems Cybersecurity Initiative and directs the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and the Department of Commerce’s National Institute of Standards and Technology, in collaboration with other agencies, to develop and issue cybersecurity performance goals for critical infrastructure.
Continue Reading White House Issues Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems

Earlier this month, President Biden signed the Executive Order on Promoting Competition in the American Economy. The stated goal of the Executive Order is to increase competition in the United States and resolve issues related to monopolistic behaviors, including with respect to privacy and data protection.
Continue Reading President Biden Signs Executive Order to Promote Fair Competition and Further Regulate Data Privacy