UNITED STATES
Regulatory—Policy, Best Practices, and Standards
NIST Produces Roadmap for Improving Critical Infrastructure Cybersecurity Version 1.1
On April 25, the National Institute of Standards and Technology produced a roadmap for improving critical infrastructure cybersecurity version 1.1. The roadmap outlined several areas of focus for future development of the framework, including authentication methods, automated indicator sharing, conformity assessments, data analytics, and supply chain risk management.
Regulatory—Consumer and Retail
FTC Takes Action Against Companies Falsely Claiming to Comply with Privacy Shield
Federal Trade Commission (“FTC”) On June 14, the announced that it had reached a settlement with a company that provides employment background checks for falsely claiming participation in the EU–U.S. Privacy Shield and Swiss–U.S. Privacy Shield frameworks. The FTC also sent warning letters to 13 companies that claimed to participate in expired U.S.–EU Safe Harbor and the U.S.–Swiss Safe Harbor frameworks. The FTC instructed the companies to remove any “public documents or statements that might be construed as claiming participation or…
