On May 7, 2024, the Biden Administration released the second version of the National Cybersecurity Strategy Implementation Plan as well as the first Report on the Cybersecurity Posture of the United States. These actions reflect the Administration’s continued focus on enhancing the cybersecurity of critical infrastructure and software as well as its work to
Lauren Williams
NYDFS Releases Amendment to Cybersecurity Regulation
On November 1, 2023, the New York Department of Financial Services (“NYDFS”) finalized the amendment to its cybersecurity regulation (the “Amendment”). The Amendment expands cybersecurity requirements across many areas—from governance to incident response to access controls.
The Amendment follows the three published drafts: two proposals published for formal notice and comment in November 2022 and…
Upcoming Publication of New NYDFS Cybersecurity Requirements for Financial Services Companies
The Second Amendment to the New York Department of Financial Services’ (“NYDFS”) Cybersecurity Requirements for Financial Services Companies (the “NYDFS Requirements”) is expected to be published in final form in the next two weeks. The Second Amendment will follow updated proposed amendments to the NYDFS Requirements published on June 28, 2023 (the “2023 Proposal”),1…
Round-Up: Proscriptive ICTS Supply Chain Regulation as a Means of Addressing Cyber Risk
Cybersecurity Awareness Month is a good time to highlight one trend in federal efforts to address cyber risk: proscriptive regulation of the information and communications technology and services (“ICTS”) supply chain.
Supply chain risk management is a broad field encompassing, among other things, federal efforts to improve software security, and proposals to revise the FAR…
Artificial Intelligence and Cybersecurity: Key Topics at the 78th United Nations General Assembly
Recently, world leaders and key stakeholders gathered for the 78th session of the United Nations General Assembly (“UNGA”) to discuss global challenges with the goal of furthering peace, security, and sustainable development. A key topic of discussion was the “digital revolution,” focusing on the opportunities and challenges presented by artificial intelligence (“AI”), as well as…
NIST Releases Cybersecurity Framework Version 2.0
On August 8, 2023, the National Institute of Standards and Technology (“NIST”) released a draft of The NIST Cybersecurity Framework (CSF) 2.0,1 (the “CSF” or “Framework”) along with a Discussion Draft of the Implementation Examples.2 This draft makes the most significant changes to the Framework since its initial release in 2014.…