Framework

NIST Releases Cybersecurity Framework Version 2.0

By Rajesh De, Laura D. Richman, Stephen Lilley, Adam Hickey, Sasha Keck, Evan Williams & Lauren Williams on August 16, 2023

Posted in Cybersecurity, Regulation, United States

On August 8, 2023, the National Institute of Standards and Technology (“NIST”) released a draft of The NIST Cybersecurity Framework (CSF) 2.0,¹ (the “CSF” or “Framework”) along with a Discussion Draft of the Implementation Examples.² This draft makes the most significant changes to the Framework since its initial release in 2014.…

Financial Stability Board Proposes Cyber Incident Response and Recovery Best Practices

By Rajesh De, David A. Simon, Jeffrey P. Taft, Matthew Bisanz & Kelly Truesdale on May 4, 2020

Posted in Breaches & Incident Response, Cybersecurity, EU / EEA, Financial Services, United States

On April 20, 2020, the Financial Stability Board released a “consultative document” on Effective Practices for Cyber Incident Response and Recovery (the “Proposal”). The Proposal requests public comment on a “toolkit” of effective practices designed to assist financial institutions in cyber incident response and recovery activities. This Legal Update discusses the content and context of…