Lillia Damalouji on NIST

At Long Last – The FAR CUI Rule is Here!

The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more

1/30/2025 / Compliance , Controlled Unclassified Information (CUI) , Cybersecurity , Cybersecurity Maturity Model Certification (CMMC) , Data Security , DFARS , Federal Acquisition Regulations (FAR) , Federal Contractors , Final Rules , NIST , Proposed Rules , Risk Management , Training

CISA Opens Repository for Submission of Software Security Attestation Forms

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Office of Management and Budget (“OMB”) released the highly-anticipated Secure Software Development Attestation Form (also known as the...more

3/28/2024 / Cybersecurity , Cybersecurity Information Sharing Act (CISA) , NIST , OMB , Software , Supply Chain

Update: CISA Seeks Additional Input from Software Providers on Security Attestation Form

The Cybersecurity and Infrastructure Security Agency (“CISA”) recently revised its Secure Software Development Attestation Common Form (after receiving over 110 comments on the initial draft), and is seeking additional...more

12/7/2023 / Comment Period , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , NIST , Software , Supply Chain

Cybersecurity Labeling Program to Increase Transparency of IoT Device Security

In response to a constantly-evolving cyber threat landscape, the Biden Administration recently announced the launch of a new cybersecurity labeling program – the U.S. Cyber Trust Mark program – in an effort to enhance...more

8/4/2023 / Connected Items , Consumer Privacy Rights , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , Data Collection , Data Security , Federal Contractors , Internet of Things , New Legislation , NIST , Personal Data , Personally Identifiable Information , Privacy Concerns , Privacy Laws , Smart Devices , Technology Sector

Cybersecurity Labeling is (Almost) Here! Biden Administration Announces the U.S. Cyber Trust Mark Program

On July 18, 2023, the Biden Administration announced the launch of the long-awaited cybersecurity labeling program, called the “U.S. Cyber Trust Mark,” aimed at providing consumers with a better understanding of the...more

8/2/2023 / Biden Administration , Cybersecurity , Data Security , FCC , Internet of Things , Internet Retailers , Labeling , NIST , Notice of Proposed Rulemaking (NOPR) , Online Marketplace , Popular , Regulatory Agenda , Telecommunications , Wireless Technology

NIST Wants Your Input – Updating NIST’s Controlled Unclassified Information (CUI) Guidelines

On July 19, 2022, the National Institute of Standards and Technology (NIST) released a Pre-Draft Call for Comments, seeking feedback on improving its Controlled Unclassified Information (CUI) series of publications. The...more

7/28/2022 / Comment Period , Controlled Unclassified Information (CUI) , Cybersecurity , Cybersecurity Maturity Model Certification (CMMC) , Department of Defense (DOD) , Federal Contractors , Final Drafts , Information Technology , NIST , Security Risk Assessments

Watch Your Boundaries – FedRAMP Releases Draft Authorization Boundary Guidance for Public Comment

The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 2.0, released on July 13, 2021. The public comment period currently is open and closes on September 13,...more

7/29/2021 / Biden Administration , Cloud Service Providers (CSPs) , Comment Period , Cybersecurity , Executive Orders , Federal Data Privacy , FedRAMP , Information Security , Information Technology , NIST

Lillia Damalouji

Sheppard Mullin Richter & Hampton LLP

Popular Topics by This Author

Latest Posts › NIST