On March 8, 2022, just five months after the creation of the Department of Justice’s (“DOJ”) new Civil Cyber-Fraud Initiative (previously discussed...), the DOJ announced its first settlement of a cyber-related fraud case...more
Blockchain is one of the most significant new technologies since the internet. It has ushered in what has been referred to as Web3.0. Some of the most popular applications of this technology include NFTs and metaverses....more
2/28/2022
/ Blockchain ,
Corporate Governance ,
Cryptocurrency ,
FinCEN ,
Intellectual Property Protection ,
Money Laundering ,
Non-Fungible Tokens (NFTs) ,
Office of Foreign Assets Control (OFAC) ,
Online Platforms ,
Regulatory Agenda ,
Regulatory Oversight ,
Securities and Exchange Commission (SEC) ,
Technology Sector
President Biden recently signed a National Security Memorandum on cybersecurity. This memorandum was required by an earlier executive order, which we previously have discussed here. The new memorandum (NSM) requires certain...more
Just as we thought 2022 was going to be significantly different than 2021, December 2021 and January 2022 events have thrown us for another (pandemic) loop. We anticipate that some of the privacy and cybersecurity...more
1/12/2022
/ Artificial Intelligence ,
Auto-Dialed Calls ,
Biometric Information ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CAN-SPAM Act ,
CARU ,
CDPA ,
Consumer Privacy Rights ,
COPPA ,
Cross-Border Transactions ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Employee Tracking ,
EU ,
FCC ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Identity Theft ,
Machine Learning ,
Mobile Privacy ,
Ransomware ,
SCOTUS ,
TCPA
As 2021 draws to a close, we wanted to share a recap of some of the most important cybersecurity developments we covered this past year along with some suggestions on what companies (particularly those that do business with...more
As 2021 draws to a close, we wanted to share a recap of some of the most important cybersecurity developments we covered this past year along with some suggestions on what companies (particularly those that do business with...more
As 2021 draws to a close, we wanted to share a recap of some of the most important cybersecurity developments we covered this past year along with some suggestions on what companies (particularly those that do business with...more
As 2021 draws to a close, we wanted to share a recap of some of the most important cybersecurity developments we covered this past year along with some suggestions on what companies (particularly those that do business with...more
12/20/2021
/ Biden Administration ,
Cyber Threats ,
Cybersecurity ,
Data Security ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Internet of Things ,
Popular ,
Software Developers ,
Supply Chain
The Department of Defense (DOD) recently announced several changes to its Cybersecurity Maturity Model Certification program. The program applies to those who serve as contractors and suppliers to the DOD. As described in our...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its second draft of NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on October...more
11/11/2021
/ Biden Administration ,
Cybersecurity ,
Data Security ,
Executive Orders ,
Federal Contractors ,
Government Agencies ,
Information Technology ,
NIST ,
Risk Management ,
Software ,
Supply Chain ,
Technology
On November 4, 2021, the Department of Defense (“DOD”) announced several changes to the Cybersecurity Maturity Model Certification (“CMMC”) program – the program that DOD intends to use to enhance the security of the defense...more
On Wednesday, October 6, 2021, the Department of Justice (“DOJ”) announced a new Civil Cyber-Fraud Initiative to enforce cybersecurity standards and reporting requirements. The Initiative will use DOJ’s civil enforcement...more
10/29/2021
/ Cybersecurity ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement Actions ,
False Claims Act (FCA) ,
Federal Contractors ,
Fraud ,
Policies and Procedures ,
Popular ,
Regulatory Oversight ,
Reporting Requirements
The Office of Management and Budget (“OMB”) released its draft Federal Zero Trust Strategy under President Biden’s Executive Order on Improving the Nation’s Cybersecurity (No. 14028) (discussed previously here and here) and...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft NIST SP 800-160, Volume 2, Revision 1, “Developing Cyber-Resilient Systems: A Systems Security Engineering Approach,” and draft NIST...more
The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 2.0, released on July 13, 2021. The public comment period currently is open and closes on September 13,...more
As called for in the May 12, 2021 Cybersecurity Executive Order (“EO”) released by the Biden Administration (discussed here), NIST met its deadline to release a definition of “critical software” within 45 days of the date of...more
In February 2021, President Biden issued Executive Order 14017, “Executive Order on America’s Supply Chains” (discussed here), requiring (among other things) a report within 100-days requiring key government agencies to...more
6/30/2021
/ Batteries ,
CFIUS ,
Child Labor ,
China ,
Defense Production Act ,
Department of Defense (DOD) ,
Electric Vehicles ,
Executive Orders ,
Forced Labor ,
Geopolitical Risks ,
Greenhouse Gas Emissions ,
Human Rights ,
Joe Biden ,
Manufacturers ,
NDAA ,
Prescription Drugs ,
Russia ,
Semiconductors ,
Supply Chain
The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on April 29, 2021....more
5/27/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Executive Orders ,
Information Technology ,
NIST ,
Popular ,
Software ,
Supply Chain ,
Technology
On May 12, 2021, the Biden Administration issued its much anticipated “Executive Order on Improving the Nation’s Cybersecurity.” Below are provisions we believe will be of most interest to contractors, as well as any company...more
5/19/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
DFARS ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Information Technology ,
Internet of Things ,
NIST ,
OMB ,
Popular ,
Software ,
Supply Chain ,
Technology
On February 24, 2021, President Biden signed Executive Order 14017, “Executive Order on America’s Supply Chains,” requiring a review of global supply chains that support key U.S. industries in an attempt to improve supply...more
4/1/2021
/ Biden Administration ,
Department of Agriculture ,
Department of Defense (DOD) ,
Department of Energy (DOE) ,
Department of Health and Human Services (HHS) ,
Department of Homeland Security (DHS) ,
Department of Transportation (DOT) ,
Executive Orders ,
Federal Contractors ,
National Security ,
Regulatory Reform ,
Supply Chain
On December 21, 2020, the Department of Defense (“DoD”) published a final rule in the Federal Register that codifies the National Industrial Security Program Operating Manual (“NISPOM”) in the Code of Federal Regulations...more
On January 1, 2021, Congress overrode President Trump’s veto of the Fiscal Year (“FY”) 2021 National Defense Authorization Act (“NDAA”) (the “Act”), Pub. L. No. 116-283. The $740 billion defense bill establishes funding...more
Legislation directing the National Institute of Standards and technology (“NIST”) to create standards and guidelines for securing Internet of Things (“IoT”) devices used by Federal agencies and their contractors recently...more
12/1/2020
/ Compliance ,
Contractors ,
Data Security ,
Data-Sharing ,
Electronic Communications ,
Federal Contractors ,
Internet of Things ,
New Legislation ,
NIST ,
Regulatory Standards ,
Subcontractors
NIST has now finalized its guidance providing important information on selecting both security and privacy control baselines for the Federal Government. The guidance is available here: Special Publication 800-53B, Control...more
The Department of Defense (DoD) recently published an interim rule that sets forth its Cybersecurity Maturity Model Certification (CMMC) program plan, as well as new requirements for a “NIST SP 800-171 DoD Assessment...more