Updates on developments in data privacy and cybersecurity
[The referenced article was originally published in Law360.]
Since August 2015, defense contractors have been on notice that they were required to implement the security controls in National Institute of Standards and Technology (“NIST”) Special Publication (“SP”) 800-171 no later than December 31, 2017 on covered contractor information systems. Although the focus has been…
Last week, the Office of Management and Budget issued an updated breach response policy for federal agencies, replacing a policy last updated in 2007. The policy, set forth in memorandum M-17-12, provides minimum standards for federal agencies in preparing for and responding to breaches of personally identifiable information (PII). In addition to setting forth…
Today, our colleagues Susan Cassidy, Ashden Fein, and John Sorrenti posted an article on Inside Government Contracts about the Department of Defense (DoD) issuing a Final Rule implementing mandatory cyber incident reporting requirements for DoD contractors and subcontractors. The article can be read here.
