On September 14, 2022, the Office of Management and Budget (OMB) issued much-anticipated guidance on the implementation of Secure Software Development Framework (SSDF) requirements for contractors (The “Guidance Memo”)...more
10/26/2022
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Executive Orders ,
Federal Contractors ,
Information Technology ,
National Security ,
NIST ,
OMB ,
Software ,
Software Developers
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more
9/29/2022
/ Biden Administration ,
Cyber Attacks ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
DFARS ,
Enforcement ,
FedRAMP ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Infrastructure ,
Microsoft ,
NIST ,
Pipelines ,
Publicly-Traded Companies ,
Rulemaking Process ,
Russia ,
Securities and Exchange Commission (SEC) ,
SolarWinds ,
Ukraine ,
US-CERT
While the DoD charts a path forward on CMMC, the USG is emphasizing the need to comply with existing cyber obligations in government contracts and taking steps to enforce compliance with those obligations.
The June 16 Memo...more
8/22/2022
/ Audits ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Fraud ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NIST ,
Popular ,
Rulemaking Process ,
Software