May 23, 2017

May 23, 2017

Subscribe to Latest Legal News and Analysis

May 22, 2017

Subscribe to Latest Legal News and Analysis

Government Agencies to be Rated on Cybersecurity Using NIST Framework

The Trump administration has announced that it will impose new metrics on federal agencies related to cybersecurity.  Agencies and departments will be required to comply with the framework developed by the National Institute of Standards and Technology (NIST) and report back to the Department of Homeland Security (DHS), the Office of Management and Budget (OMB), and the White House.

Homeland security advisor Thomas Bossert stated that the President’s budget will include an increase in federal funding to combat cyber threats, and that the administration’s priorities vis-à-vis cybersecurity are to modernize and centralize the existing system. To this end, the Administration intends to partner with business, including Silicon Valley, and state and local governments, on cybersecurity.

In the federal sector, the White House’s March 2017 budget blueprint calls for $1.5 billion for DHS activities to protect federal networks and critical infrastructure from cyberattacks. Additionally, a cybersecurity executive order will reportedly be finalized in the near future.

Plans to impose the NIST cybersecurity framework on federal agencies illustrate the Framework’s increasing importance as a standard for cybersecurity, not just for government agencies, but more broadly throughout the information ecosystem.  With security breaches, state-sponsored cyber-attacks, and ransomware demands increasing, the Framework offers useful guidance on processes and actions designed to enhance data security for government and industry alike.

© 2017 Keller and Heckman LLP

TRENDING LEGAL ANALYSIS


About this Author

Sheila Millar, Keller Heckman, advertising lawyer, privacy attorney
Partner

Sheila A. Millar counsels corporate and association clients on advertising, privacy, product safety, and other public policy and regulatory compliance issues.

Ms. Millar advises clients on an array of advertising and marketing issues.  She represents clients in legislative, rulemaking and self-regulatory actions, advises on claims, and assists in developing and evaluating substantiation for claims. She also has extensive experience in privacy, data security and cybersecurity matters.  She helps clients develop website and app privacy policies,...

202-434-4646
Tracy Marshall, Keller Heckman, regulatory attorney, for-profit company lawyer
Partner

Tracy Marshall joined Keller and Heckman in 2002. She assists clients with a range of business and regulatory matters.

In the business and transactional area, Ms. Marshall advises for-profit and non-profit clients on corporate organization, operations, and governance matters, and assists clients with structuring and negotiating a variety of transactions, including purchase and sale, marketing, outsourcing, and e-commerce agreements.

In the privacy, data security, and advertising areas, she helps clients comply with privacy, data security, and consumer protection laws, including laws governing telemarketing and commercial e-mail messages, contests and sweepstakes, endorsements and testimonials, marketing to children, and data breach notification. Ms. Marshall also helps clients establish best practices for collecting, storing, sharing, and disposing of data, and manage outsourcing arrangements and transborder data flows. In addition, she assists with drafting and implementing internal privacy, data security, and breach notification policies, as well as public privacy policies and website terms and conditions. 

202-434-4234
Nathan Cardon, Keller Heckman, product safety attorney, labor lawyer
Associate

Nathan Cardon joined Keller and Heckman in 2013.  Mr. Cardon practices in the areas of product safety, privacy, and advertising.

In his product safety practice, Mr. Cardon counsels clients on risk management and product safety strategies, as well as on compliance with Consumer Product Safety Commission (CPSC) requirements, including new requirements under the Consumer Product Safety Improvement Act of 2008 (CPSIA). 

In the privacy and advertising practice, Mr. Cardon is involved in a wide variety of privacy, data...

202-434-4254