Cybersecurity Update

    View Author April 2014

    The beginning of 2014 has seen a number of developments in the US regulatory arena relating to cybersecurity, data protection and privacy. In addition, the massive and widely publicized Target Corporation data breach brought cybersecurity risk and the potential damages to the attention of businesses and individuals worldwide, with some estimates of the cost of that breach approaching US$700 million. While Europe’s regulatory regime has focused on cybersecurity primarily from an individual privacy protection perspective, the trend among US government agencies is a focus on overall cyber security standards, protection of critical infrastructure, and protection of not only individual personal information, but also of technical data and defense and critical industry sectors.

    This publication discusses the issuance of final regulations by the US Department of Defense under the Defense Federal Acquisition Regulation Supplement (DFARS), “Safeguarding Unclassified Controlled Technical Information” (DFARS Case 2011–D039).