On April 14, 2025, the National Institute of Standards and Technology (NIST) released a draft update to the NIST Privacy Framework 1.1. The updates are meant to enhance organizations’ data governance and risk management and...more
The US Department of Defense (DoD) published a final rule codifying the Cybersecurity Maturity Model Certification (CMMC) Program. The final CMMC rule will apply to all DoD contractors and subcontractors that will process,...more
The US Department of Defense (DoD) took the next step in implementing the Cybersecurity Maturity Model Certification (CMMC) Program on August 15, 2024, when it issued a Proposed Rule to amend the Defense Federal Acquisition...more
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps...
On December 26, 2023, the US...more
4/26/2024
/ Certification Requirements ,
Comment Period ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Maturity Model Certification (CMMC) ,
DCMA ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps...
On December 26, 2023, the US...more
In this series of articles, we explore the different certification requirements of CMMC Level 1, 2 and 3, the impact on contractors and external service providers, and proposed next steps...
On December 26, 2023, the US...more
1/9/2024
/ Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Proposed Rules ,
Subcontractors
On December 26, 2023, the US Department of Defense (DoD) published its long-awaited proposed rule codifying the Cybersecurity Maturity Model Certification (CMMC) Program. The proposed CMMC rule will apply to all DoD...more
12/29/2023
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Popular ,
Proposed Rules ,
Regulatory Requirements ,
Security Controls
On June 16, 2022, the US Department of Defense (DoD) issued a memorandum (DoD Memo) “reminding” contracting officers that noncompliance with the Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012,...more
7/1/2022
/ Compliance ,
Corporate Counsel ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
Enforcement Actions ,
Federal Contractors ,
NIST ,
Policy Memorandums
As a wave of potential privacy legislation sweeps across the country, California continues to lead the way. The recently enacted California Privacy Rights Act (CPRA) adds to the groundbreaking 2018 California Consumer...more
2/19/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Continuing Legal Education ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Subjects Rights ,
Enforcement Actions ,
Privacy Laws ,
Private Right of Action ,
Risk Mitigation ,
Webinars
Standard, everyday appliances like dishwashers and ovens, and necessary devices such as lights and thermostats, are increasingly likely to be Wi-Fi enabled, allowing them to send and receive data. These objects are widely...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
1/16/2020
/ Automation Systems ,
Best Practices ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consent ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Data Subjects Rights ,
Discovery ,
Events ,
Information Security ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Assessment ,
Vendor Contacts ,
Vendors
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
1/14/2020
/ Automation Systems ,
Best Practices ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consent ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Data Subjects Rights ,
Discovery ,
Events ,
Information Security ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Assessment ,
Vendor Contacts ,
Vendors
California has taken bold steps to regulate the privacy and security of personal information, creating unprecedented remedies for data breaches and recognized European-style rights for consumers in their data.
On September...more
8/9/2019
/ Big Data ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Emerging Technology Companies ,
Events ,
Information Technology ,
Popular ,
Risk Management ,
Security Risk Assessments ,
State Data Privacy Laws