The Cybersecurity and Infrastructure Security Agency recently released the first iteration of the agency’s Cross-Sector Cybersecurity Performance Goals.
Continue Reading CISA Releases Cross-Sector Cybersecurity Performance Goals
Cybersecurity and Infrastructure Security Agency
Cyber Incident Reporting for Critical Infrastructure Act
The Cybersecurity and Infrastructure Security Agency released a Request for Information seeking public input regarding the recently passed Cyber Incident Reporting for Critical Infrastructure Act of 2022. …
Continue Reading Cyber Incident Reporting for Critical Infrastructure Act
President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity
On June 21, 2022, President Biden signed into law, the State and Local Government Cybersecurity Act of 2021 and the Federal Rotational Cyber Workforce Program Act, two bipartisan bills aimed at enhancing the cybersecurity postures of the federal, state and local governments.
Continue Reading President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity
FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act
On January 4, 2022, the Federal Trade Commission published a blog post reminding companies that “the duty to take reasonable steps to mitigate known software vulnerabilities implicates laws including, among others, the Federal Trade Commission Act and the Gramm Leach Bliley Act,” in response to Log4Shell’s public disclosure of the Log4j vulnerability.
Continue Reading FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act
TSA Announces New Security Directives for Rail Sector
On December 2, 2021, the Transportation Security Administration announced that it issued two security directives requiring higher-risk freight railroads, passenger rail and rail transit to implement measures to strengthen cybersecurity within the sector.
Continue Reading TSA Announces New Security Directives for Rail Sector