I work as an outside General Counsel to funded (but still resource constrained) startup companies.

Can anyone suggest some helpful free resources for getting up to speed — and then staying up to date — with regard to current and emerging regulatory and compliance cybersecurity standards and practices for U.S. companies?

Thank you in advance.

Topic

[marcelopmParticipant]

Many consulting and law firms in the US provide free seminars and/or conference calls on this topic. Below is a list of some of the ones I’ve used in the past.

* ACA Aponix
* Mayer Brown
* Debevoise and Plimpton

You will need to go on their website, register, etc.

I hope this helps.

Thanks,
Marcelo

[girevoycms24Participant]

I recently wrote an introductory 2-part blog providing an overview of regulatory issues in view of the Uber hack. Check it out at Merlin Law Blog https://www.propertyinsurancecoveragelaw.com/ (search Verne Pedro). Would be interested to discuss off-line as well.

[kjoyceParticipant]

If companies are going to contract with the US government they need to have Controlled Unclassified Information (CUI) policies in place. Defense Federal Acquisition Regulation Supplement (DFARS) clauses 252.204-7008 (Compliance with Safeguarding Covered Defense Information Controls) and 252.204-7012 (Safeguarding Covered Defense Information and Cyber Incident Reporting). In this documentation it s stated that contractors of the federal government need to follow in NIST Special Publication 800-171 R1, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.

[Author]

Replies