Amy Mushahwar

About Amy Mushahwar

Amy Mushahwar is a partner with Alston & Bird’s Privacy, Cyber & Data Strategy Team. Amy has over 20 years of experience in the technology space and focuses her practice on data security, cyber risk, privacy, and emerging technologies. She advises clients on proactive data security practices, data breach incident response, and regulatory compliance.

[Read Bio]

White House Releases Recommendations to Protect Against Potential Cyberattacks

March 22, 2022 By Amy Mushahwar and Kristen Bartolotta

The potential for malicious cyber activity has been a concern for the Biden administration throughout the evolving crisis in Ukraine (including the imposition of sanctions against Russia). In response to the concern, the Biden administration, which is now facing “evolving intelligence that Russia may be exploring options for potential cyberattacks,” has released recommendations for companies […]

Department of Defense Suspends the CMMC Pilot Program And CMMC Requirements In DoD Solicitations Pending Major Changes For CMMC 2.0.

November 5, 2021 By Amy Mushahwar and Jon Knight

The Department of Defense (“DoD”) recently announced it will be revamping the nascent Cybersecurity Maturity Model Certification (“CMMC”) program pending two separate rulemaking processes. As detailed below, the DoD will be updating “the program structure and the requirements to streamline and improve implementation of the CMMC program.” We will be monitoring the rulemaking process for […]

NYDFS Issues Guidance on Cybersecurity Controls to Combat Ransomware and Clarifies Reporting Obligations

July 3, 2021 By Lance Taubin, Kate Hanniford, Kim Peretti and Amy Mushahwar

The New York Department of Financial Services (NYDFS) issued new guidance this week intended to assist organizations in thwarting ransomware attacks. The guidance clarifies the NYDFS’ expectation that NYDFS-regulated companies should “implement these controls whenever possible” and report any successful deployment of ransomware or unauthorized access to privilege accounts to the NYDFS under its established […]

Russia Sanctioned For Role In SolarWinds Supply Chain Attack

April 20, 2021 By Amy Mushahwar and Jon Knight

On April 15, 2021, the Biden Administration took a significant step in announcing sanctions against the Russian Government and private Russian entities for multiple internationally-destabilizing activities, including the Russian Foreign Intelligence Service’s (SVR) supply chain attack of the SolarWinds Orion platform and other technology infrastructures. In addition to the sanctions, the Administration also provided practical […]

State Financial Regulators Issue Ransomware Mitigation Tool

October 16, 2020 By Kim Peretti, Amy Mushahwar and Alysa Austin

On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions mitigate the risks of ransomware. The R-SAT is a detailed questionnaire designed to evaluate the effectiveness of an institution’s general security controls as well as […]