Archives: Cybersecurity

Subscribe to Cybersecurity RSS Feed

Navy Modifies Acquisition Supplement to Tighten Cybersecurity Requirements and Implement the Geurts Memorandum

By Susan B. Cassidy, Ashden Fein, Moriah Daugherty and Ian Brekke on Posted in Cybersecurity, Defense Issues
Almost a year after Assistant Secretary of the Navy James Geurts issued his September 28, 2018 memorandum (Geurts Memo) imposing enhanced security controls on “critical” Navy programs, the Navy has issued an update to the Navy Marine Corps Acquisition Regulations Supplement (NMCARS) to implement those changes more formally across the Navy.  Pursuant to this update, a new … Continue Reading

DoD Releases Public Draft of Cybersecurity Maturity Model Certification and Seeks Industry Input

By Susan B. Cassidy, Samantha Clark, Ryan Burnette and Ian Brekke on Posted in Cybersecurity, Defense Issues
On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment.  The CMMC was created in response to growing concerns by Congress and within DoD over the increased presence of cyber threats and intrusions aimed at the Defense Industrial … Continue Reading

Senate Armed Services Subcommittee on Cybersecurity Holds Hearing to Discuss the Responsibilities of the Defense Industrial Base

By Weiss Nusraty, Samantha Clark, Zachary Mears and Susan B. Cassidy on Posted in Cybersecurity, Defense Issues
On March 26, 2019, the Senate Armed Services Subcommittee on Cybersecurity held a hearing to receive testimony assessing how the Department of Defense’s (“DOD”) cybersecurity policies and regulations have affected the Defense Industrial Base (“DIB”). To gain a better understanding of the DIB’s cybersecurity concerns, the Subcommittee invited William LaPlante, Senior Vice President and General … Continue Reading

Senate Reintroduces IoT Cybersecurity Improvement Act

By Micha Nandaraj Gallo on Posted in Congressional Action, Cybersecurity, Internet of Things (IoT)
On March 11, 2019, a bipartisan group of lawmakers including Sen. Mark Warner and Sen. Cory Gardner introduced the Internet of Things (IoT) Cybersecurity Improvement Act of 2019. The Act seeks “[t]o leverage Federal Government procurement power to encourage increased cybersecurity for Internet of Things devices.” In other words, this bill aims to shore up … Continue Reading

Canadian Privacy Commissioner Releases Official Guidance as Data Breach Law Takes Effect

By Sari Sharoni on Posted in Cybersecurity, International Strategy, Privacy
Canada’s new data breach law, The Personal Information Protection and Electronic Documents Act (“PIPEDA”), took effect on November 1. Official guidance released by the country’s Privacy Commissioner explains a few of the law’s key provisions that will affect organizations, specifically, breach reporting and notification obligations, their triggers, and record retention. Reporting & Notification Obligations Under the … Continue Reading

Litigation Options For Post-Cyberattack ‘Active Defense’

By Alexander Berengaut and Tarek Austin on Posted in Congressional Action, Cybersecurity, Privacy, Uncategorized
In March 2017, Rep. Tom Graves, R-Ga., introduced a draft bill titled the Active Cyber Defense Certainty Act. The bill would amend the Computer Fraud and Abuse Act to enable victims of cyberattacks to employ “limited defensive measures that exceed the boundaries of one’s network in order to monitor, identify and stop attackers.”[1] More specifically, … Continue Reading
LexBlog