Alston & Bird Privacy, Cyber & Data Strategy Blog

Department of Homeland Security Releases Recommended Framework for AI in Critical Infrastructure

November 20, 2024 By Kim Peretti and Kristen Bartolotta

On November 14, 2024, the Department of Homeland Security (“DHS”) announced a set of voluntary recommendations called the “Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure” (“Framework”). Recognizing the severe consequences associated with disruption to the nation’s critical infrastructure, DHS released the framework to address certain risks associated with the use of AI across critical infrastructure sectors. The Framework seeks to complement and … [Read more] about Department of Homeland Security Releases Recommended Framework for AI in Critical Infrastructure

CISA, FBI, NSA, and International Partners Issue Joint Cybersecurity Advisory for Top Routinely Exploited Vulnerabilities in 2023

November 15, 2024 By Seol Namgoong and Kim Peretti

On November 12, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”), the Federal Bureau of Investigation (“FBI”), National Security Agency (“NSA”) and certain international partners (including the Australian Signals Directorate’s … [Read more] about CISA, FBI, NSA, and International Partners Issue Joint Cybersecurity Advisory for Top Routinely Exploited Vulnerabilities in 2023

CPPA Board Advances CCPA Regulations to Formal Rulemaking; Adopts New Data Broker Regulations

November 15, 2024 By David Keating, Dorian Simmons and Yin Tydir

On November 8, 2024, the California Privacy Protection Agency (the “CPPA”) Board advanced to formal rulemaking the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automated decisionmaking … [Read more] about CPPA Board Advances CCPA Regulations to Formal Rulemaking; Adopts New Data Broker Regulations

Congressional Research Service Report Sheds Light on October Telecommunications Attack by PRC-Linked Threat Actor

November 7, 2024 By Kim Peretti, Kellen Dwyer and Andrew Rice

In early October 2025, several media outlets reported that United States telecommunications services had been infiltrated by state affiliated threat actors linked to the People’s Republic of China (“PRC”). These reports were followed by a joint press … [Read more] about Congressional Research Service Report Sheds Light on October Telecommunications Attack by PRC-Linked Threat Actor

Combatting the New Insider Threat: North Korean IT Workers Posing as Remote Employees

November 6, 2024 By Kim Peretti and Zain Haq

The New York Department of Financial Services issued a cybersecurity advisory on November 1, 2024, regarding a growing threat posed by North Korean operatives seeking remote IT roles at U.S. companies. These operatives secure jobs at prominent … [Read more] about Combatting the New Insider Threat: North Korean IT Workers Posing as Remote Employees