Zack Whittaker reports: Homeland Security’s cybersecurity division is pushing to change the law that would allow it to demand information from internet providers that would identify the owners of vulnerable systems, TechCrunch has learned. Sources familiar with the proposal say the Cybersecurity and Infrastructure Security Agency (CISA), founded just less than a year ago, wants the…
Category: Federal
Senate Passes Bill Aimed At Combating Ransomware Attacks
Lindsey O’Donnell reports: The U.S. Senate has approved new legislation aimed at helping government agencies and private-sector companies combat ransomware attacks. The legislation comes as local governments and schools continue to be hit by sophisticated – and in some cases coordinated – ransomware attacks. The proposed law, the “DHS Cyber Hunt and Incident Response Teams Act,” authorizes…
SEC’s Proposed Revisions to Regulation S-K Will Minimally Impact Cybersecurity Disclosure Requirements
Sara A. Arrow and Peter A. Nelson of Patterson Belknap write: It has been thirty years since the Securities and Exchange Commission (the “SEC”) significantly revised Regulation S-K, which sets forth reporting requirements for public companies. The SEC is now taking a fresh look at the rules, proposing for public comment amendments to modernize the…
Schumer calls for federal response to school cyberattacks
Justin Murphy reports: Sen. Charles Schumer, D-N.Y., called on Congress and the FBI on Wednesday to help school districts and other local government bodies threatened by increasingly common and sophisticated cyberattacks. The issue has put school districts across New York on guard, particularly after the Syracuse City School District was hit with ransomware this year. The district paid a $50,000…
Scraping A Public Website Doesn’t Violate the CFAA, Ninth Circuit (Mostly) Holds
Orin Kerr writes: The Ninth Circuit Court of Appeals has handed down a groundbreaking decision today on the federal computer hacking law, the Computer Fraud and Abuse Act (CFAA). In HiQ Labs v. LinkedIn, the court held that scraping a public website is likely not a CFAA violation. Under the new decision, violating the CFAA…
DoD Releases Public Draft of Cybersecurity Maturity Model Certification and Seeks Industry Input
Susan B. Cassidy, Samantha Clark, Ryan Burnette and Ian Brekke of Covington & Burling write: On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment. The CMMC was created in response to growing concerns by Congress and within…