October 22, 2013, the National Institute for Standards and Technology (NIST) posted a preliminary cybersecurity framework (the “Framework”) on its website. The complete Framework had been expected to be unveiled earlier in October, but was delayed as a result of the federal government shutdown. For background on earlier activity with respect to the Framework, please see the […]
Cybersecurity
NIST Meeting to Finalize Cybersecurity Framework
Ongoing efforts to finalize a framework for the development of voluntary cybersecurity standards for critical infrastructure industries continued in Dallas this week. NIST led a workshop with government and private sector officials to work through the details of the draft framework published on August 28th and required under Executive Order 13636. A formal proposal will be issued for […]
New European Data Breach Rules for Telcos and ISPs
On August 25, 2013, a new European Regulation came into effect that changed and expanded upon the breach notification procedures set forth in the E-Privacy Directive (2002/58/EC). The Regulation outlines two independent notification obligations: (1) notification to the relevant national authority within 24 hours after detection of a personal breach where feasible; and (2) notification […]