Department of Homeland Security (DHS)

In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive1 (the “TSA Directive”) to better “identify, protect against, and respond to threats to critical companies in the pipeline sector.” The TSA Directive was released

The William (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (“NDAA”) enacts major changes to America’s cyber defenses, reshaping how the private sector can combat growing cyber threats, as well as realigning roles and responsibilities of federal government agencies. This Legal Update discusses select cyber provisions in the NDAA and highlights key takeaways

Cybersecurity and data privacy presented some of the most complex legal questions and business risks that multinational companies faced in 2018. Businesses should expect continued growth in cyber and data privacy challenges in 2019.

Cyber attacks became even more sophisticated and severe in 2018, with incidents ranging from exfiltration and extortion schemes, to attacks on

The cybersecurity and data privacy landscape raised new and challenging questions for businesses and governments around the world in 2017. We are poised to see new waves of technological disruption and legal complexity in 2018.

Continue Reading

On May 11, 2017, President Donald Trump signed Executive Order 13800 (“EO 13800”), titled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” This executive order constitutes the first significant action to address cybersecurity by the Trump administration. The executive order is divided into three sections addressing cybersecurity for federal networks, critical infrastructure, and the

On December 29, 2016, President Obama issued an executive order to authorize several actions in response to cyber activities of the Russian government that were related to the 2016 US election.1 The action receiving the most public attention was the imposition of primary economic sanctions on nine persons found to be responsible for or

On December 1, 2016, the US Commission on Enhancing National Cybersecurity (the “Commission”) presented its final report to President Obama, Report on Securing and Growing the Digital Economy. While directed to President Obama, the report is also intended to be a helpful guide for the next administration on “strengthening cybersecurity in the public and

On September 30, 2016, the US Department of Homeland Security publicly released its Draft National Cyber Incident Response Plan. This draft document provides a detailed and strategic framework to guide engagement and activity on cyber incident response and is intended to be used by a full range of stakeholders, including individuals; the private and

On February 16, 2016, the federal government released new implementation guidance regarding the recently passed Cybersecurity Information Sharing Act of 2015 (CISA). In this update we discuss the four key topics addressed by the guidance, with particular emphasis on their relevance for private entities.

Continue reading.