Cybersecurity and Infrastructure Security Agency (CISA)

Subscribe to Cybersecurity and Infrastructure Security Agency (CISA)

On October 25, 2023, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Department of Health and Human Services (“HHS”) released a cybersecurity toolkit containing resources and information that organizations in the healthcare and public health (HPH) sector can utilize to reduce their cyber risk.

Continue reading.

After months of diplomatic engagement, the early morning of February 24, 2022 saw what President Biden called an “unprovoked and unjustified attack by Russian military forces” on Ukraine. Numerous news reports also have described significant cyber attacks against Ukrainian systems. According to those reports, these attacks follow multiple waves of cyber attacks in the past

Eric Goldstein has served as the Executive Assistant Director for Cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA) since February. In this role, he leads CISA’s mission to protect and strengthen federal civilian agencies and the nation’s critical infrastructure against cyber threats. Eric will be in conversation with Stephen Lilley, former Chief Counsel to

In remarks on October 13, 2021, at the Cybersecurity and Infrastructure Security Agency (“CISA”) National Cybersecurity Summit, Acting Assistant Attorney General Brian Boynton fleshed out the Department of Justice’s (“DOJ”) thinking regarding the nature of the cybersecurity failures that are likely targets for potential False Claims Act (“FCA”)1 enforcement under the Civil Cyber-Fraud Initiative

On September 21, 2021, the US Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced several actions intended to “advance the United States government’s broader counter-ransomware strategy,” including an update to OFAC’s October 2020 advisory on ransomware payments and the first Specially Designated National (“SDN”) designation of a virtual currency exchange. OFAC’s action

In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive1 (the “TSA Directive”) to better “identify, protect against, and respond to threats to critical companies in the pipeline sector.” The TSA Directive was released

On April 15, 2021, the Biden administration announced an expansion of existing sanctions against the Russian government, notably including the intelligence service and affiliated parties identified as being responsible for the SolarWinds cyber-attack and other “specified harmful foreign activities,” and signaled a potential willingness to impose additional measures relating to Information and Communications Technology and

The William (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (“NDAA”) enacts major changes to America’s cyber defenses, reshaping how the private sector can combat growing cyber threats, as well as realigning roles and responsibilities of federal government agencies. This Legal Update discusses select cyber provisions in the NDAA and highlights key takeaways

On October 19, 2020, the Cyberspace Solarium Commission released a new white paper, “Building a Trusted ICT Supply Chain.” Join us for a discussion of the threats identified, the challenges ahead, and the Solarium Commission’s recommendations as how to protect and promote a trusted supply chain.

To view this webinar, please visit the event website

Cybersecurity and data privacy presented some of the most complex legal questions and business risks that multinational companies faced in 2018. Businesses should expect continued growth in cyber and data privacy challenges in 2019.

Cyber attacks became even more sophisticated and severe in 2018, with incidents ranging from exfiltration and extortion schemes, to attacks on