Security, Privacy and Information Governance

Author: Lee G. Petro (page 2 of 2)

Executive Orders Require Review of Federal IT and Cybersecurity Resources


The Trump administration has issued two executive orders focusing on national cybersecurity. The first establishes the American Technology Council, tasking it with developing policy around the use of information technology by the federal government and providing insight into how information technology policy is delivered to the president.

The orders include aggressive deadlines for federal agencies to submit reports on the cybersecurity of critical infrastructure entities, which may be difficult to meet.

For more insight, read our detailed review of the executive orders.

Proposed Changes to the NIST Cybersecurity Framework


The National Institute of Standards and Technology (NIST) issued an update to its Framework for Improving Critical Infrastructure Cybersecurity on January 10, 2017. The updated draft Version 1.1 was issued after NIST’s review of considerable public and private-sector feedback on Version 1.0.

The updated five Framework Core Functions remain the same as the previous iteration: Identify, Protect, Detect, Respond and Recover. Version 1.1 now includes enhanced categories, subcategories and guidance, including cyber supply chain risk management, safer information sharing, cybersecurity measurement and stronger measures for device authentication.

The updated draft includes improvements but is intended to remain a voluntary cyber risk management tool that organizations can customize.

Read our overview of the updates and insights on some of the highlights.

Newer posts

© 2018 Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

Disclaimer/Privacy Policy