Tag Archives: Cybersecurity Executive Order

U.S. Treasury Secretary Lew Emphasizes Cyber-Risks for Financial Institutions

Written by
In remarks delivered earlier this month, U.S. Treasury Secretary Jacob Lew highlighted the dangers of “cyber intrusions” to financial institutions. Secretary Lew cited more than 250 cyber attacks against U.S. banks and credit unions since 2011, as well as recent hacks and credit card thefts against major retailers. “Cyber attacks on our financial system represent a real threat to our economic and national security,” said Secretary Lew. To combat cyber attacks, Secretary Lew recommended that financial institutions adopt the NIST Cybersecurity Framework, stating that “every [...] Read more

NIST releases final Cybersecurity Framework

Written by
The National Institute of Standards and Technology (“NIST”) has released the final version of the much-anticipated Framework for Improving Critical Infrastructure Cybersecurity (the “Framework”). The Framework was developed by NIST at the direction of President Obama’s February 12, 2013, Executive Order 13636, “Improving Critical Infrastructure Cybersecurity” (the “Executive Order”). The Framework largely retains the structure and components of the preliminary version of the Framework (a discussion of which can be found here), including (i) the Framework Core, (ii) the Framework [...] Read more

White House Cybersecurity Coordinator to Deliver Keynote at Law & Policy In-House Summit in Washington, D.C.

Written by
The Global Law Forum will host The Cybersecurity Law & Policy In-House Summit in Washington D.C. on January 14 and 15, 2014. The Summit will showcase panel discussions addressing a myriad of issues relevant to corporate counsel including establishing data breach response plans, understanding the cybersecurity insurance market, achieving Board of Directors and company buy-in on cybersecurity measures, as well as preparing for the upcoming final NIST Cybersecurity Framework and its potential to establish a new standard of care for liability. Special Assistant to President Obama and U.S. Cybersecurity [...] Read more

NIST’s Preliminary Cybersecurity Framework Could Have Broad Implications for Critical, Non-Critical Infrastructure Alike

Written by and
On October 22, 2013, the National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework (“Framework”), marking one of the final steps in creating the “voluntary” Framework envisioned in an Obama Administration Executive Order (EO) issued earlier this year. That EO, which was designed to strengthen the cybersecurity of the United States’ critical infrastructure, required NIST to work with the private sector to develop a cybersecurity Framework to reduce the risks from cyber attacks. The Framework is designed to identify beneficial [...] Read more

NIST Releases Preliminary Cybersecurity Framework

Written by
October 22, 2013, the National Institute for Standards and Technology (NIST) posted a preliminary cybersecurity framework (the “Framework”) on its website. The complete Framework had been expected to be unveiled earlier in October, but was delayed as a result of the federal government shutdown. For background on earlier activity with respect to the Framework, please see the following blog entries: White House Announces Creation of “Voluntary Program” to Encourage Adoption of Cybersecurity Framework, Provides Incentives for Joining, NIST Releases Discussion Draft of Framework for Improving [...] Read more

NIST Meeting to Finalize Cybersecurity Framework

Written by
Ongoing efforts to finalize a framework for the development of voluntary cybersecurity standards for critical infrastructure industries continued in Dallas this week.  NIST led a workshop with government and private sector officials to work through the details of the draft framework published on August 28th and required under Executive Order 13636. A formal proposal will be issued for comment next month and a final framework published early next year. This week, NIST is specifically seeking input on implementation of the framework and ideas on its next iteration─a version 2.0.  At this [...] Read more