Ransomware Attack Mitigation: Revealing the Vulnerabilities to Improve Preparation

The United States Department of Defense (“DoD”) recently published its Defense Industrial Base Cybersecurity Strategy 2024. For context, the DIB is comprised of more than 100,000 domestic and foreign companies or organizations that perform “research and development, design, production, delivery,… Read more

April 15, 2024 | Cybersecurity & Data Privacy | Government Contracts

“Facing Cyber Attacks, Critical Infrastructure Gets New Reporting Requirements,” Federal News Network

In an interview on Federal News Network on April 9, 2024, WRVB principal and chair of our Cybersecurity & Data Privacy practice, Beth Waller, talks on-air with reporter Eric White to break down a proposed rule by the Cybersecurity and… Read more

April 12, 2024 | Cybersecurity & Data Privacy

Beth Waller Shares Insight on Cyber Challenges in Hybrid Work Environments, Risk & Insurance

Despite the four-year mark since the world was forced into remote and hybrid work due to the COVID-19 pandemic, the challenges for business leaders in navigating these environments persist. The risks are numerous. In an article on April 8, 2024,… Read more

April 9, 2024 | Cybersecurity & Data Privacy

Proposed Federal Cyber Incident Reporting Rule Adds Hefty Federal Reporting Requirements to Critical Infrastructure Sector and Large Businesses

By Elizabeth Burgin Waller, Patrick J. Austin

The federal Cybersecurity and Infrastructure Security Agency (CISA) released a draft of its proposed rule detailing how covered entities operating in critical infrastructure sectors report cyberattacks and ransomware payments to the federal government. The proposed rule states that entities operating… Read more

March 28, 2024 | Cybersecurity & Data Privacy

Defense Department Expands Access to DIB Cybersecurity Program

By Patrick J. Austin, Jerry A. Miles

On March 12, 2024, the U.S. Department of Defense (DoD) published a final rule (pdf) that dramatically expands access to defense contractors seeking to join the DoD’s voluntary Defense Industrial Base Cybersecurity Program (“DIB CS Program” or “the Program”). The… Read more

March 21, 2024 | Cybersecurity & Data Privacy

Overview of Virginia’s AI Executive Order

By Patrick J. Austin, Ross Broudy

In January 2024, Virginia Governor Glenn Youngkin announced and signed Executive Order 30 on Artificial Intelligence (EO 30), establishing “important safety standards to ensure the responsible, ethical, and transparent use of AI by state government.” EO 30 is expected to… Read more

March 11, 2024 | Cybersecurity & Data Privacy

“4 Ways to Mitigate Vendor Cybersecurity Risks,” Association of Corporate Counsel’s ACC Docket

By Elizabeth Burgin Waller

In a March 1, 2024, article published by the Association of Corporate Counsel’s ACC Docket, Kate Kreps, Chief Privacy Officer and Senior Counsel at American Electric Power, joins Woods Rogers Vandeventer Black (WRVB) Principal and Chair of our Cybersecurity &… Read more

March 6, 2024 | Cybersecurity & Data Privacy

Executive Order Prohibits Transfer of Sensitive Personal Data to “Countries of Concern”

By Patrick J. Austin, John Pilch

On February 28, 2024, U.S. President Joe Biden issued Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (EO), which authorizes the U.S. Attorney General to restrict large-scale transfers… Read more

March 5, 2024 | Cybersecurity & Data Privacy

Defense Department’s Proposed CMMC Rule Will Impose New Cybersecurity Requirements on Contractors

By Elizabeth Burgin Waller, Anthony J. Mazzeo, Patrick J. Austin, Jerry A. Miles

The U.S. Department of Defense (DoD) released a proposed rule to implement its Cybersecurity Maturity Model Certification (CMMC) program, which would establish a comprehensive set of cybersecurity requirements applicable to defense contractors. If enacted, CMMC would obligate contractors to take… Read more

March 1, 2024 | Construction & Government Contracts | Cybersecurity & Data Privacy

Cybersecurity & Data Privacy