Ashden Fein

December 18, 2020, Covington Alert

On December 18, 2020, the Office of the Comptroller of the Currency, Board of Governors of the Federal Reserve System, and Federal Deposit Insurance Corporation issued a notice of proposed rulemaking requiring a banking organization to notify its primary federal regulator within 36 hours of a significant cybersecurity incident and requiring a bank service ...

October 14, 2020, Inside Privacy

On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Multi-State Information Sharing and Analysis Center (“MS-ISAC”) released a joint guide synthesizing best practices to prevent and respond to ransomware.  This guide was published the day before OFAC and FinCEN released their coordinated guidance on ransomware attacks ...

September 9, 2020, Covington Alert

On September 1, 2020, the Office of Management and Budget issued a highly-anticipated interim final rule (“Rule”) implementing the Federal Acquisition Supply Chain Security Act. Consistent with the U.S. Government's increasingly sharp focus on supply chain security, the Rule authorizes the Executive Branch to exclude indefinitely “covered articles” (products and ...

July 1, 2020, Inside Energy & Environment

The Federal Energy Regulatory Commission (FERC) recently signaled that it is exploring ways to improve the cybersecurity of the U.S. electricity grid.  On June 18, 2020, FERC issued a Notice of Inquiry (NOI) regarding whether some of its reliability standards regarding cybersecurity must be enhanced and whether the focus of its standards must change due...… ...

May 6, 2020, Covington Alert

On May 1, President Donald Trump signed an executive order on “Securing the United States Bulk-Power System” (the “Order”) that gives the Department of Energy new authorities to block or mitigate certain transactions involving bulk-power system electric equipment designed, developed, manufactured or supplied by a “foreign adversary” based on national security ...

April 15, 2020

WASHINGTON—Cybersecurity Docket has named David Fagan and Ashden Fein to its “Incident Response 30” for 2020. The list features “30 of the best data breach response lawyers in the business.” Mr. Fagan co-chairs the firm’s Data Privacy and Cybersecurity Practice. He has counseled companies on responding to some of the most sophisticated documented cyber-based ...

April 1, 2020, Inside Privacy

In response to the COVID-19 outbreak, several U.S. government entities have released warnings about a rise in scams and fraudulent activity connected to the outbreak.  In a recent bulletin, the FBI warned of a rise in phishing emails, counterfeit treatments or equipment for COVID-19 preparedness, and fake emails from the Centers for Disease Control and...… ...

March 20, 2020, Inside Privacy

In response to the drastic increase of U.S. employees working remotely, the U.S. Federal Trade Commission (“FTC”) and the U.S. National Institute of Standards and Technology (“NIST”) have both issued guidance for employers and employees on best practices for teleworking securely.  In addition, the Cybersecurity and Infrastructure Security Agency (“CISA”) has ...

October 2, 2019

Boards and CEOs at companies of all sizes operating around the world list cybersecurity as one of the top concerns keeping them up at night. Cyber threats are in the news on a daily basis and we hear about data breaches all the time. But our practice often helps clients respond to cyber incidents that are much broader than data breaches; they range from small ...

September 9, 2019, Inside Privacy

On Friday, September 6, 2019, our Government Contracts practice posted an article on Inside Government Contracts about the U.S. Department of Defense’s recent release of its draft Cybersecurity Maturity Model Certification (“CMMC”) for public comment. The CMMC was created in response to growing concerns by Congress and within the U.S. Department of Defense over ...

June 20, 2019, Inside Privacy

Today, Susan Cassidy, Ashden Fein, Moriah Daugherty, and Melinda Lewis posted an article on Inside Government Contracts about the June 19, 2019 announcement by the National Institute of Standards and Technology (“NIST”) of the long-awaited update to Special Publication (“SP”) 800-171 Rev. 1, Protecting Controlled Unclassified Information in Nonfederal Systems ...

June 20, 2019, The Coalition for Government Procurement

June 18, 2019

WASHINGTON—Covington is representing Peraton in its recently announced deal to acquire Solers, Inc., a leading provider of software development and systems integration for space situational awareness, satellite ground systems and operations, cybersecurity engineering, and enterprise cloud-based solutions. Covington is handling government contracts, national ...

June 18, 2019, GIR - The Guide to Cyber Investigations

May 24, 2019, Inside Privacy

On May 13, 2019, China’s State Administration for Market Regulation (“SAMR”) released three core national standards related to the country’s Cybersecurity Multi-level Protection Scheme (“MLPS”), describing technical and organizational controls that companies must follow when complying with MLPS-related obligations under the Cybersecurity Law (“CSL”).  These ...

May 16, 2019, Covington Alert

We are writing to provide an update on two important developments in U.S. national security-based regulation of trade: (1) a new, potentially expansive Executive Order on information and communications technology supply into the U.S. market, and (2) the Department of Commerce’s action to add Huawei to the Entity List.

November 12, 2018

WASHINGTON—Covington is advising private equity firm Veritas Capital on healthcare and other regulatory aspects of its recently announced deal to acquire athenahealth for approximately $5.7 billion. athenahealth is a leading provider of network-enabled services for hospital and ambulatory customers nationwide. Rujul Desai and Ian Brekke are leading the Covington ...

October 24, 2018, Inside Privacy

On September 30, 2018, China’s Ministry of Public Security (“MPS”) released the Regulation on the Internet Security Supervision and Inspection by Public Security Organs (the “Regulation”;《公安机关互联网安全监督检查规定》), which will take effect on November 1, 2018. As the latest regulation issued by MPS that implements China’s Cybersecurity Law (“CSL”), which took effect in ...

October 1, 2018

WASHINGTON—Covington has promoted 20 lawyers to its partnership. “This group covers a wide range of the firm’s most important practices and reflects the ongoing imperative of continuing to build and expand our strengths and to position the firm most effectively to be vibrant in the years ahead,” said Timothy Hester, Covington’s chair. "The size of our class is a ...

August 30, 2018, Covington Alert

How well do you actually know your supply chain—from the materials you acquire to the software you include in your products or services? If you have not answered this question recently, you should consider adding it to your “to do” list. Not only does the U. S. Government want to know, it is increasingly imposing new compliance obligations on its contractors.

July 10, 2018, Inside Privacy

On June 27, 2018, China’s Ministry of Public Security (“MPS”) released for public comment a draft of the Regulations on Cybersecurity Multi-level Protection Scheme (“the Draft Regulation”). The highly anticipated Draft Regulation sets out the details of an updated Multi-level Protection Scheme, whereby network operators (defined below) are required to comply ...

July 5, 2018, Covington Alert

On June 27, 2018, China’s Ministry of Public Security (“MPS”) released for public comment a draft of the Regulations on Cybersecurity Multi-level Protection Scheme (“the Draft Regulation”). The highly anticipated Draft Regulation sets out the details of an updated Multi-level Protection Scheme, whereby network operators (defined below) are required to comply ...

April 23, 2018, Inside Privacy

Pursuant to Executive Order 13636, the National Institute of Standards and Technology (“NIST”) established the Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0, a technology-neutral, voluntary, risk-based cybersecurity framework that includes standards and processes intended to align policy, business, and technological approaches to ...

January 4, 2018, National Defense

December 4, 2017, Inside Privacy

Ahead of the upcoming December 31, 2017 deadline for federal defense contractors to implement the security controls of National Institute of Standards and Technology (“NIST”) Special Publication 800-171 (“SP 800-171”), NIST has released a new draft publication designed to assist organizations in assessing compliance under SP 800-171, Draft Special Publication ...

October 2017, Pratt's Government Contracting Law Report

May 17, 2017, Covington Alert

Last Friday may mark the start of a new era in cyber crime. The first worldwide ransomware attack, commonly dubbed “WannaCry,” emerged on May 12. The malware is believed to have infected more than 300,000 computers in 150 countries to date. A cyber criminal or ring of criminals, taking advantage of an exploit made available by the ShadowBrokers hacker group that ...

September 14, 2016, 2016 Covington Government Contracts Briefing: Solving Problems, Securing Opportunities

June 21, 2016, Webinar

March 2016, Cyber Security Law & Practice

September 11, 2015, Covington Alert

August 12, 2015, The Cybersecurity Law Report

July 30, 2015, Inside Compensation

The federal government has been encouraging employers to adopt best practices to address both external and internal threats to critical business information and infrastructure. These best practices have included an important human resources element, including policies and programs covering current and former employees. For example, the Obama Administration ...

July 17, 2015, Webinar

June 11, 2015, Inside Energy & Environment

On Monday, the 2015 G-7 Summit ended with the President and other Leaders of the G-7 focused generally on a wide range of economic, security, and development issues, and specifically discussing the energy sector’s cybersecurity posture.  According to the White House, the Leaders “launched a new cooperative effort to enhance cybersecurity of the energy sector...… ...

March 12, 2015, Inside Counsel

Richard Shea, Lindsay Burke and Ashden Fein have authored this article on cybersecurity threats: "Cybersecurity threats can emanate not just from outside sources but from company insiders as well — including employees, executives, directors and contractors. According to NetDiligence’s 2014 Cyber Insurance Claims Study, roughly one-third of the reported events ...

March 12, 2015, InsideCounsel