National Security

Penn State University Hit With False Claims Act Suit for Alleged Cyber Security Deficiencies

September 25, 2023 By Kellen Dwyer and Kai Knight

On September 1, 2023, the U.S. District Court for the Eastern District of Pennsylvania unsealed a qui tam False Claims Act (“FCA”) lawsuit (originally filed on October 5, 2022) alleging Penn State University failed to provide “adequate security” for Covered Defense Information, as contractually required by Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.204-7012. DFARS requires […]

Chinese Hackers Exploit Gap in Cloud Environment Used by U.S. Government

July 20, 2023 By Kellen Dwyer and Kristen Bartolotta

According to recent reports issued by Microsoft and U.S. government agencies, hackers recently exploited a gap in Microsoft’s cloud environment, enabling the malicious actors to access the email accounts of employees at the United States Commerce and State Departments. Including the U.S. government, around 10 organizations were victimized in the U.S. and about 25 were […]

CISA Issues Request for Information Prior to Required CIRCIA Rulemaking

September 13, 2022 By Kim Peretti, Kellen Dwyer and Kristen Bartolotta

On September 12, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) issued a request for information (RFI) seeking input from stakeholders on the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Signed by President Biden in March, CIRCIA requires CISA to develop and implement regulations requiring covered entities to report information about covered […]

President Biden Issues Executive Order Directing Coordinated Federal Approach to Digital Assets

March 9, 2022 By Kim Peretti, Kate Hanniford and Kristen Bartolotta

As a result of the rise in digital assets, President Biden signed an Executive Order on March 9, 2022 ordering a review of the nation’s approach to cryptocurrency. The Executive Order on Ensuring Responsible Development of Digital Assets (the “Order”) contains both broad policy objectives and specific analysis to be conducted by the federal government. […]

Senate Passes Significant Cyber Bill Requiring Cyber Incident Reporting

March 3, 2022 By Kim Peretti and Kristen Bartolotta

The Strengthening American Cybersecurity Act of 2022, a bill that narrowly failed to become law last year, was passed in the Senate on Tuesday, March 1 as a package of cybersecurity measures that would require operators of critical infrastructure and federal civilian agencies to report cyber incidents to the Department of Homeland Security’s Cybersecurity and […]