Mobile phone applications are already tracking intimate health data, including our sleep habits, steps walked, body measurements, nutrition, and more. Apps draw this information from the devices many of us now religiously maintain along with our daily wardrobe. In this data-hungry age, doctors and health care providers can apply artificial intelligence (“AI”) to the data to help them provide patients … Continue Reading
On May 1, 2019, the National institute of Standards and Technology (NIST) announced a Request for Information (RFI) in the Federal Register regarding ongoing efforts to develop technical standards for artificial intelligence (AI) technologies and the identification of priority areas for federal involvement in AI standards-related activities. Responses to the RFI are due by May 31, 2019.
The RFI … Continue Reading
Members of Congress recently introduced a bipartisan proposal to enhance cybersecurity for the network of Internet-connected devices, commonly known as the Internet of things (IoT).
Senators Mark Warner (D-VA) and Cory Gardner (R-CO) and Representatives Robin Kelly (D-IL) and Will Hurd (R-TX) introduced the IoT Cybersecurity Improvement Act of 2019 and hope to establish baseline cybersecurity standards for IoT devices. … Continue Reading
In the past month, the National Institute of Standards and Technology (NIST) has issued a draft update to its flagship cybersecurity framework as well as new standalone guidance on how organizations can plan to recover from cybersecurity events. The publication of these documents demonstrates NIST’s ongoing focus on providing substantive guidance to the private and public sectors alike on cybersecurity … Continue Reading
The Internet of Things continues to draw broad interest from policymakers and regulators around the globe. Following on the heels of a major distributed denial-of-service attack in October 2016 that leveraged potentially millions of compromised IoT devices, members of Congress have sent letters to US federal agencies regarding the risks posed by insecure IoT devices and held a hearing about … Continue Reading
Representatives from government and the private sector discussed the present state of healthcare cybersecurity, and experts discussed practical strategies for implementing the HIPAA Security Rule at the ninth annual “Safeguarding Health Information: Building Assurance through HIPAA Security” conference held from October 19–20, 2016 and co-hosted by the National Institute of Standards and Technology (NIST) and the Department of … Continue Reading
The Federal Trade Commission (FTC) recently presented an analysis of how its approach to data security over the past two decades compares with the Framework for Improving Critical Infrastructure Cybersecurity (NIST Framework) issued in 2014 by the National Institute of Standards and Technology (NIST) and strongly endorsed by the White House.
Consider this increasingly common scenario: an employee visits an apparently legitimate website. Unbeknownst to them, the website is hosted by an organized crime group. By visiting the site, the employee has allowed the group to quietly install ransomware on their organization’s file system. Malicious code begins to encrypt files on the server, before moving laterally to encrypt other servers on … Continue Reading
Government officials and experts from the private sector discussed enabling precision medicine and efforts to bolster patients’ rights to access medical records, and also emphasized the importance of controlling access to protected health information (PHI) at the eighth annual “Safeguarding Health Information: Building Assurance Through HIPAA Security” conference held from September 2–3, 2015, and co-hosted by the National Institute of … Continue Reading
On August 12, the National Institute of Standards and Technology (NIST) published a Request for Information (RFI) to help develop the next generation of technical encryption standards used by the U.S. Government and federal contractors to protect sensitive information. The new standard will update Fair Information Processing Standard (FIPS) 140-2, which has provided the baseline requirements for the development, testing, … Continue Reading
Emerging technologies, such as cloud computing and the “smart city,” have the potential to greatly advance our quality of life. The use, retention, and storage of data that go along with them, however, have raised citizen concerns about privacy risks. The National Institute of Standards and Technology (“NIST”) addresses these concerns in a new draft report titled Privacy Risk Management … Continue Reading
The U.S. Federal Communications Commission’s (FCC) Public Safety and Homeland Security Bureau (Bureau) has requested public input on a recent report on Cybersecurity Risk Management and Best Practices (Report) by the Communications Security, Reliability and Interoperability Council (CSRIC) for communications providers. The Report represents the latest example of the U.S. government’s continued attention to these issues following the President’s 2013 … Continue Reading