Data Law Insights

Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Tag Archives: Cybersecurity Rule

NIST Offers Insight Into Updated Risk Management Framework

Posted in Cybersecurity / Data Security
The National Institute of Standards and Technology (NIST) has recently provided a glimpse into their revised Risk Management Framework (RMF).  NIST issued a Final Draft of Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations–A System Life Cycle Approach for Security and Privacy.  The focus of the revised Framework, which is open… Continue Reading

Navy Boils The Ocean on Cyber

Posted in Cybersecurity / Data Security, Privacy
The Navy has recently issued a policy memorandum entitled “Implementation of Enhanced Security Controls on Select Defense Industrial Base Partner Networks” that calls for heightened cybersecurity requirements and oversight for “critical” government contractors handling their sensitive government data, broadly referred to as controlled unclassified information (“CUI”) or “covered defense information” (CDI) within the defense sector. … Continue Reading

Colorado’s New Data Privacy Bill Increases Notification and Safeguarding Requirements

Posted in Cybersecurity / Data Security, Privacy
The Colorado legislature recently passed a new data privacy law, House Bill 18-1128, which heightens requirements for corporate and public entities handling personal information of Colorado residents.  Effective September 1, 2018, the law aims to strengthen consumer data privacy by 1) shortening the time frame required to notify affected Colorado residents and the Attorney General… Continue Reading