Tag Archives: DHS

U.S. Department of Homeland Security Launches First-Ever Cyber Safety Review Board

Earlier this week, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB), as directed in President Biden’s Executive Order 14028 on Improving the Nation’s Cybersecurity. The CSRB is a public-private initiative that will bring together government and industry leaders to elevate U.S. cybersecurity.

The CSRB will review and assess significant cybersecurity events, so that government,… More

U.S. Department of Homeland Security Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators

On May 27, 2021, the Department of Homeland Security’s Transportation Security Administration (TSA) announced a Security Directive that will enable DHS to better identify, protect against, and respond to threats to critical companies in the pipeline sector.  (And for those in other business sectors, this is a potential preview of cybersecurity regulation to come.)

“The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats,” said Secretary of Homeland Security Alejandro N.… More

Department of Homeland Security Releases Homeland Threat Assessment

On October 6, 2020, the Department of Homeland Security (“DHS”) released a 2020 Homeland Threat Assessment (“HTA”).  According to Acting Secretary Chad F. Wolf, the “first of its kind report” identifies the primary threats facing the nation and analyzes the vast array of information coming from all DHS operational components that crosses his desk on a daily basis.  “When the American people read this HTA they will be more aware of the traditional threats facing the Homeland like terrorism and organized crime.  … More

March 13, 2020 Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency Briefing on Covid-19 and Data Security

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) just completed a stakeholder security briefing.  This was recorded and should soon be available on the CISA website, but in the interim, some key takeaways are:

  • We are in the “initiation phase” of the pandemic, meaning the worst is yet to come (the “acceleration phase”).
  • Covid-19 has been found in 42 states.
  • The presenters declined to comment on the likelihood of mandatory quarantines.…
  • More

US Security Officials Warning of Cyber Attacks in Wake of Iran Strike

On January 4, 2020, the US Department of Homeland Security posted at National Terrorism Advisory System Bulletin, in the wake of the killing of a senior Iranian military leader by a US drone.  That DHS advisory states:

The United States designated Iran a “State Sponsor of Terrorism” in 1984 and since then, Iran has actively engaged in or directed an array of violent and deadly acts against the United States and its citizens globally.… More

Cybersecurity News & Notes – July 5, 2016

In Case You Missed It: Ruling in FTC v. Amazon Suggests a Way Forward for Companies Responding to Actions Brought by the FTC after a Data Breach.  The FTC’s recent actions in the realm of data security have been predicated on its claim of statutory authority to seek injunctive relief for the failure to maintain reasonable and appropriate data security practices.  A U.S. District Court ruling last week casts some doubt on that authority. … More

A Few Thoughts from Deputy Undersecretary for Cybersecurity, Mark Weatherford, Department of Homeland Security

On May 16, Deputy Undersecretary for Cybersecurity, Mark Weatherford, spoke to the Advanced Cyber Security Center about DHS’s cyber security priorities: Information Sharing, R&D, and the Advanced Persistent Threat.

On Information Sharing:  This is a continuing challenge, in part because of the way the federal government shares information.  At present, the federal government provides cyber threat information to private sector organizations,… More

Incident of the Week: U.S. Law Firms and Public Relations Firms Hit By E-mail Attack

Law firms holding sensitive data for their clients are the targets of a new round of organized cyberattacks, federal authorities cautioned this week.  On Tuesday, the FBI warned that U.S. law firms and public relations firms were being targeted by hackers using “spear phishing” attacks — personalized emails drafted to look like they come from a trusted or reputable source and designed to induce the reader to click an attachment or link that will infect his or her computer with malicious software. … More