Tag Archives: Information Sharing

FTC Recaps Connected Cars Privacy and Security Workshop

On January 9, 2018, the FTC issued a paper recapping the key takeaways from the FTC’s and National Highway Traffic Safety Administration’s June 2017 workshop on privacy and security issues involving connected cars. The workshop featured representatives from consumer groups, industry, government and academia.… Continue Reading

NIAC Issues Recommendations to Improve Critical Infrastructure Cybersecurity

On August 22, 2017, the National Infrastructure Advisory Council issued a report entitled Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure. The NIAC Report notes that sophisticated and readily available malicious cyber tools and exploits have lowered the barrier to cost and increased the potential for successful cyber attacks. … Continue Reading

Germany Issues Ethics Report on Automated and Connected Cars

On June 20, 2017, the German Federal Ministry of Transport and Digital Infrastructure issued a report on the ethics of Automated and Connected Cars. The Report was developed by a multidisciplinary Ethics Commission established in September 2016 for the purpose of developing essential ethical guidelines for the use of automated and connected cars. … Continue Reading

Federal Energy Regulatory Commission Publishes Final CEII Regulations

Last month, the Federal Energy Regulatory Commission published its final Regulations Implementing FAST Act Section 61003-Critical Electric Infrastructure Security and Amending Critical Energy Infrastructure Information. The CEII Regulations are intended to implement new authority granted to FERC by the Fixing America’s Surface Transportation Act, which became law in December 2015.… Continue Reading

NHTSA Releases New Automobile Cybersecurity Best Practices

The National Highway Safety Administration (“NHTSA”) recently issued non-binding guidance that outlines best practices for automobile manufacturers to address automobile cybersecurity. The guidance, entitled Cybersecurity Best Practices for Modern Vehicles (the “Cybersecurity Guidance”), was recently previewed in correspondence with the House of Representatives’ Committee on Energy and Commerce (“Energy and Commerce Committee”).… Continue Reading

NHTSA Set to Release New Automobile Cybersecurity Best Practices

On October 14, 2016, the National Highway Transportation Administration indicated in a letter to Congress that it intends to issue new best practices on vehicle cybersecurity. This letter came in response to an earlier request from the House Committee on Energy and Commerce that NHTSA convene an industry-wide effort to develop a plan to address vulnerabilities posed to vehicles by On-Board Diagnostics ports. … Continue Reading

UK ICO Seeks Personal Liability for Directors

On October 13, 2016, Elizabeth Denham, the UK Information Commissioner, suggested at a House of Commons Public Bill Committee meeting that directors of companies who violate data protection laws should be personally liable to pay fines.… Continue Reading

G-7 Endorses Best Practices for Bank Cybersecurity

On October 11, 2016, Group of Seven financial leaders endorsed the Fundamental Elements of Cybersecurity for the Financial Sector, a set of non-binding best practices for banks and financial institutions to address cybersecurity threats. … Continue Reading

Department of Defense Finalizes Rule for Cyber Incident Reporting

On October 4, 2016, the U.S. Department of Defense finalized a new mandatory cyber incident reporting rule for defense contractors. The new rule applies to DoD contractors and subcontractors that are targets of any cyber incident with a potential adverse impact on information systems and "covered defense information" on those systems. … Continue Reading

China Publishes Regulation on the Use of Resident Identity Cards

Recently, the People’s Republic of China’s Ministry of Public Security, the National Development and Reform Commission and six other administrative departments jointly published the Announcement on Regulating the Administration of the Use of Resident Identity Cards. The Announcement came into effect on July 15, 2016, the date of its issuance.… Continue Reading

UK Government Ends NHS Patient Database Scheme

On July 6, 2016, the UK government decided to close its controversial care.data scheme after concerns were raised about the safeguards in place to protect individuals’ health care data and issues with patient transparency.… Continue Reading

Simulated Attack on Power Grid Highlights Need for Improved Communications

In its third simulated test of the security of the power grid, the North American Reliability Corporation (“NERC”) reported general progress across the electric utility industry in defending against physical and cyber threats, while also identifying several areas for further improvement. The NERC exercise, dubbed GridEx III, took place over two days in November 2015 … Continue Reading

Department of Homeland Security Issues Procedures Regarding Sharing Cybersecurity Information

On February 16, 2016, the Department of Homeland Security, in collaboration with other federal agencies, released a series of documents outlining procedures for both federal and non-federal entities to share and disseminate cybersecurity information. These documents were released as directed by the Cybersecurity Act of 2015, signed into law on December 18, 2015.… Continue Reading

U.S. Congress Releases Compromise Bill on Cybersecurity Information Sharing

On December 16, 2015, leaders in the U.S. House of Representatives and Senate released an omnibus spending bill that contained cybersecurity information sharing language that is based on a compromise between the Senate’s Cybersecurity Information Sharing Act and two cybersecurity information sharing bills that passed in the House earlier this year. … Continue Reading

Senate Passes Cybersecurity Information Sharing Act

On October 27, 2015, the U.S. Senate passed S.754 - Cybersecurity Information Sharing Act of 2015 by a vote of 74 to 21. This bill is intended to facilitate and encourage the sharing of Internet traffic information between and among companies and the federal government to prevent cyber attacks.… Continue Reading
LexBlog