Cybersecurity and Infrastructure Security Agency

Subscribe to Cybersecurity and Infrastructure Security Agency

CISA Releases Cross-Sector Cybersecurity Performance Goals

Posted on November 29, 2022

Posted in Cybersecurity, Information Security, U.S. Federal Law

The Cybersecurity and Infrastructure Security Agency recently released the first iteration of the agency’s Cross-Sector Cybersecurity Performance Goals.
Continue Reading CISA Releases Cross-Sector Cybersecurity Performance Goals

Cyber Incident Reporting for Critical Infrastructure Act

Posted on September 30, 2022

Posted in Cybersecurity, Information Security, U.S. Federal Law

The Cybersecurity and Infrastructure Security Agency released a Request for Information seeking public input regarding the recently passed Cyber Incident Reporting for Critical Infrastructure Act of 2022. …
Continue Reading Cyber Incident Reporting for Critical Infrastructure Act

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Posted on July 5, 2022

Posted in Cybersecurity, Information Security, U.S. Federal Law, U.S. State Law, Workplace Privacy

On June 21, 2022, President Biden signed into law, the State and Local Government Cybersecurity Act of 2021 and the Federal Rotational Cyber Workforce Program Act, two bipartisan bills aimed at enhancing the cybersecurity postures of the federal, state and local governments.
Continue Reading President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act

Posted on February 22, 2022

Posted in Cybersecurity, Financial Privacy, Online Privacy, Security Breach, U.S. Federal Law

On January 4, 2022, the Federal Trade Commission published a blog post reminding companies that “the duty to take reasonable steps to mitigate known software vulnerabilities implicates laws including, among others, the Federal Trade Commission Act and the Gramm Leach Bliley Act,” in response to Log4Shell’s public disclosure of the Log4j vulnerability.
Continue Reading FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act

TSA Announces New Security Directives for Rail Sector

Posted on December 6, 2021

Posted in Cybersecurity, Information Security

On December 2, 2021, the Transportation Security Administration announced that it issued two security directives requiring higher-risk freight railroads, passenger rail and rail transit to implement measures to strengthen cybersecurity within the sector.
Continue Reading TSA Announces New Security Directives for Rail Sector

Menu

Privacy & Information Security Law Blog

Cybersecurity and Infrastructure Security Agency

CISA Releases Cross-Sector Cybersecurity Performance Goals

Cyber Incident Reporting for Critical Infrastructure Act

FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act

TSA Announces New Security Directives for Rail Sector

Attorney Advertising

About Our Practice Group