CISA – Debevoise Data Blog

Artificial Intelligence

Top 10 (Well, 11) Cybersecurity Blog Posts for 2024

By: Charu A. Chandrasekhar, Luke Dembosky, Avi Gesser, Gareth Hughes, Erez Liebermann, Jim Pastore, Caroline Novogrod Swett, Marshal Bozzo, Matt Kelly, Robert Maddox, Johanna Skrzypczyk, HJ Brehmer, Stephanie Cipolla, Jackie Dorward, Melyssa Eigen, Joshua A. Goland, Martha Hirst, Karen Joo, Gabriel Kohan, Jarrett Lewis, Noah L. Schwartz, Ned Terrace, Stephanie Thomas, Annabella M. Waszkiewicz, Michiko Wongso and Mengyi Xu December 10, 2024

As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2024 by page views. If you are not already…

Artificial Intelligence

Top 10 Cybersecurity Measures for Deploying AI Systems from the NSA, FBI and CISA

By: Charu A. Chandrasekhar, Avi Gesser, Erez Liebermann, Stephanie Cipolla and Noah L. Schwartz May 2, 2024

The integration of artificial intelligence into companies’ business practices poses increased cybersecurity risks, which we have previously written about here. As AI systems become ubiquitous, they also become targets for…

CISA

Webcast – CISA Proposes Major Reporting Obligations for Critical Infrastructure

By: Luke Dembosky, Erez Liebermann, HJ Brehmer and Stephanie Thomas April 12, 2024

On April 22, 2024, Luke Dembosky, Erez Liebermann, HJ Brehmer, and Stephanie Thomas from our Data Strategy and Security Group hosted the next installment of our Data Security Webcast, where…

CISA

CISA Proposes Major Reporting Obligations for Critical Infrastructure

By: Avi Gesser, Luke Dembosky, Jim Pastore, Erez Liebermann, Caroline Novogrod Swett, HJ Brehmer, Gabriel Kohan, Michael R. Roberts, Stephanie Thomas and Annabella M. Waszkiewicz April 8, 2024

Adding to the growing number of cybersecurity incident reporting obligations, the Cybersecurity and Infrastructure Security Agency (“CISA”) has introduced a reporting requirement that will impact all critical infrastructure sectors, featuring…

CISA

Security by Design and Default: CISA Looks to Drive Changes in Manufacturer Responsibility, Consumer Education and Private-Public Information Sharing

By: Luke Dembosky, Erez Liebermann and Stephanie Thomas August 14, 2023

In June, the Aspen Institute hosted a fireside chat with Jen Easterly, Director of the Cybersecurity Infrastructure Security Agency (“CISA”) to discuss current developments in cybersecurity and how the government…

CISA

New Cyber Incident Reporting Coming for Critical Infrastructure: Five Key Takeaways

By: Luke Dembosky, Avi Gesser, HJ Brehmer and Stephanie Thomas March 16, 2022

On March 15, 2022, President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Act”) into law, requiring critical infrastructure entities to report covered cybersecurity incidents…

CISA

SEC Cybersecurity Update: Chair Gensler Offers Insight into Upcoming Regulation

By: Avi Gesser, Charu A. Chandrasekhar, Christopher S. Ford, HJ Brehmer and Matthew C. Rametta January 25, 2022

On January 24, 2022, SEC Chair Gary Gensler gave a speech on cybersecurity rulemaking to the Annual Securities Regulation Institute, outlining a number of key points he expects the SEC…

Announcement

The New York DFS Issues Guidance on Multifactor Authentication

By: Luke Dembosky, Avi Gesser, Jeremy Feigelson, Alexandra P. Swain, Parker Eudy and Noah L. Schwartz December 13, 2021

On December 7, 2021, the New York Department of Financial Services (“DFS”) released new guidance on multifactor authentication (“MFA”), indicating that it is increasing its review of MFA during examinations,…

CISA

An Overview of Proposed Cybersecurity Legislation: Which Incidents Are Covered, Who Counts as Critical Infrastructure, and What New Obligations Are Created?

By: Luke Dembosky, Avi Gesser, HJ Brehmer and Stephanie Thomas November 22, 2021

On November 15, 2021, President Biden signed the Infrastructure Investment and Jobs Act into law, authorizing $1.2 trillion for infrastructure spending, including approximately $2 billion for various federal cybersecurity projects.…

CISA

Emerging Cybersecurity Standards for Critical Infrastructure – Lessons from Recent Goals Released by CISA and NIST

By: Luke Dembosky, Avi Gesser, HJ Brehmer and Andres S. Gutierrez October 8, 2021

On September 22, 2021, the Cybersecurity and Infrastructure Security Agency (“CISA”) issued its preliminary cybersecurity performance goals for critical infrastructure. These voluntary goals, which were initially announced in President Biden’s…