On March 8, 2023, the United States Department of Health and Human Services (“HHS”), through the Administration for Strategic Preparedness and Response and the Health Sector Coordinating Counsel Joint Cybersecurity Working Group, released an updated version of its Cybersecurity Framework Implementation Guide (the “Guide”) “to help the public and private health care sectors prevent cybersecurity incidents.” Specifically, the Guide aims to help healthcare organizations leverage the NIST Cybersecurity Framework to “determine their cybersecurity goals, assess their current cybersecurity practices, or lack thereof, and help identify gaps for remediation.”
U.S. National Cybersecurity Strategy
TSA Issues New Cybersecurity Requirements for Airport and Aircraft Operators
On March 7, 2023, the United States Transportation Security Administration (“TSA”) announced the issuance of new cybersecurity requirements for airport and aircraft operators on an emergency basis. “The new emergency amendment requires that impacted TSA-regulated entities develop an approved implementation plan that describes measures they are taking to improve their cybersecurity resilience and prevent disruption and degradation to their infrastructure.”…
Continue Reading TSA Issues New Cybersecurity Requirements for Airport and Aircraft Operators
White House Releases National Cybersecurity Strategy
The United States National Cybersecurity Strategy, released on March 2, 2023, is poised to place significant responsibility for cybersecurity on technology companies, federal contractors, and critical infrastructure owners and operators. The Strategy articulates a series of objectives and recommended executive and legislative actions that, if implemented, would increase the cybersecurity responsibilities and requirements of these types of entities. The overall goal of the Strategy is to create a “defensible, resilient digital ecosystem” where the costs of an attack are more than the cost of defending those systems and where “neither incidents nor errors cascade into catastrophic, systemic consequences.” The Strategy outlines two fundamental shifts to how the federal government will attempt to allocate roles, responsibilities, and resources in cyberspace. …
Continue Reading White House Releases National Cybersecurity Strategy