In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive1 (the “TSA Directive”) to better “identify, protect against, and respond to threats to critical companies in the pipeline sector.” The TSA Directive was released
Department of Homeland Security (DHS)
The U.S. National Defense Authorization Act for Fiscal Year 2021: Cybersecurity Provisions
The William (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (“NDAA”) enacts major changes to America’s cyber defenses, reshaping how the private sector can combat growing cyber threats, as well as realigning roles and responsibilities of federal government agencies. This Legal Update discusses select cyber provisions in the NDAA and highlights key takeaways…
2019 Outlook: Cybersecurity and Data Privacy
Cybersecurity and data privacy presented some of the most complex legal questions and business risks that multinational companies faced in 2018. Businesses should expect continued growth in cyber and data privacy challenges in 2019.
Cyber attacks became even more sophisticated and severe in 2018, with incidents ranging from exfiltration and extortion schemes, to attacks on…
2018 INSIGHT: Missiles, Malware and Merger Management: Why Cybersecurity and Data Privacy Matter to M&A Practitioners—Part IV
Bylined article by Corporate & Securities partner Joe Castelluccio (New York).
2018 Outlook: Cybersecurity and Data Privacy
The cybersecurity and data privacy landscape raised new and challenging questions for businesses and governments around the world in 2017. We are poised to see new waves of technological disruption and legal complexity in 2018.
U.S. President Trump Signs Executive Order Addressing Cybersecurity
On May 11, 2017, President Donald Trump signed Executive Order 13800 (“EO 13800”), titled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” This executive order constitutes the first significant action to address cybersecurity by the Trump administration. The executive order is divided into three sections addressing cybersecurity for federal networks, critical infrastructure, and the…
President Obama Imposes Cyber-Related Sanctions in Response to Russian Interference in the 2016 US Election
On December 29, 2016, President Obama issued an executive order to authorize several actions in response to cyber activities of the Russian government that were related to the 2016 US election.1 The action receiving the most public attention was the imposition of primary economic sanctions on nine persons found to be responsible for or…
National Cyber Commission Releases Report on Recommendations
On December 1, 2016, the US Commission on Enhancing National Cybersecurity (the “Commission”) presented its final report to President Obama, Report on Securing and Growing the Digital Economy. While directed to President Obama, the report is also intended to be a helpful guide for the next administration on “strengthening cybersecurity in the public and…
Department of Homeland Security Releases Draft National Cyber Incident Response Plan
On September 30, 2016, the US Department of Homeland Security publicly released its Draft National Cyber Incident Response Plan. This draft document provides a detailed and strategic framework to guide engagement and activity on cyber incident response and is intended to be used by a full range of stakeholders, including individuals; the private and…
New Implementation Guidance for the US Cybersecurity Information Sharing Act
On February 16, 2016, the federal government released new implementation guidance regarding the recently passed Cybersecurity Information Sharing Act of 2015 (CISA). In this update we discuss the four key topics addressed by the guidance, with particular emphasis on their relevance for private entities.