On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This marks the first significant update to the NIST Cybersecurity Framework (“Framework”) since its initial release in 2014, which is intended to address current and future cybersecurity […]
Chinese Hackers Exploit Gap in Cloud Environment Used by U.S. Government
According to recent reports issued by Microsoft and U.S. government agencies, hackers recently exploited a gap in Microsoft’s cloud environment, enabling the malicious actors to access the email accounts of employees at the United States Commerce and State Departments. Including the U.S. government, around 10 organizations were victimized in the U.S. and about 25 were […]
California Privacy Protection Agency Issues Invitation for Preliminary Comments on Proposed Rulemaking on Risk Assessments, Cybersecurity Audits, and Automated Decisionmaking
The California Privacy Protection Agency (CPPA) issued an Invitation for Preliminary Comments on Proposed Rulemaking (Invitation) Friday as it considers new rules regarding Risk Assessments, Cybersecurity Audits, and Automated Decisionmaking. The proposed rulemaking is pursuant to California Civil Code § 1798.185(a)(15)-(16), which directs the CPPA to draft regulations on these topics. Although the Invitation enumerates […]
California Privacy Protection Agency Approves CCPA Regulations
The California Privacy Protection Agency (CPPA) voted unanimously Friday to approve the newest version of the draft California Consumer Privacy Act (CCPA) regulations. These regulations are substantively the same as those considered by the CPPA Board during its October 2022 meeting. This vote marks the conclusion of a chapter that began in May 2022, when […]
Alston & Bird Hosts Webinar on Privacy and Data in 2023: A Look Ahead
On January 31, 2023, at 12:30 – 1:30 pm ET, join Peter Swire, Wim Nauwelaerts, David Keating, Karen Sanzaro, and Dorian Simmons in an engaging discussion focusing on trends and anticipated developments in privacy and cyber law in 2023. We will discuss recent regulatory and industry developments in the U.S. and E.U., where things appear […]