On March 15, 2022, President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Act”) into law, requiring critical infrastructure entities to report covered cybersecurity incidents…
On January 24, 2022, SEC Chair Gary Gensler gave a speech on cybersecurity rulemaking to the Annual Securities Regulation Institute, outlining a number of key points he expects the SEC…
On December 7, 2021, the New York Department of Financial Services (“DFS”) released new guidance on multifactor authentication (“MFA”), indicating that it is increasing its review of MFA during examinations,…
On November 15, 2021, President Biden signed the Infrastructure Investment and Jobs Act into law, authorizing $1.2 trillion for infrastructure spending, including approximately $2 billion for various federal cybersecurity projects.…
On September 22, 2021, the Cybersecurity and Infrastructure Security Agency (“CISA”) issued its preliminary cybersecurity performance goals for critical infrastructure. These voluntary goals, which were initially announced in President Biden’s…