This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. You can learn more about our use of cookies and similar technologies and your choices by reviewing our Privacy Policy. By clicking “I agree” you agree to our use of cookies and similar technologies.
“Regulationpalooza.” Readers offer their key takeaways from ACI event
At a recent fireside chat regarding the new U.S. sensitive data Executive Order and proposed rule, the discussion centered on case-based authorities vs. transaction-based authorities, and how the ANPRM looks at “classes of transactions” with a foreign adversary that pose substantial risk. Ken Mendelson provided FIW with his key takeaway from the event. He said, “This is new ‘categorical authority’ approach that will be a challenge for many to understand, and that a key takeaway is that the proposed rule is driven by national security, not data privacy. Many will find that confusing, especially due to the renewed emphasis on federal privacy legislation.”
(Paywall)
Ken Mendelson AIGP, CISSP, CIPP, CISA
Senior Managing Director
Ken Mendelson has spent more than 30 years at the intersection of law, information technology and public policy. As a member of the National Security Practice, Ken manages governance, risk and compliance projects and investigations, and conducts monitorships and third-party audits in connection with mitigation agreements enforced by the Committee on Foreign Investment in the United States (CFIUS). In addition, he assists established and emerging companies with implementing and maintaining cybersecurity and privacy programs by developing cybersecurity policies, procedures and guidelines, and conducting risk-based cybersecurity assessments.
InvestigationHotlines