News & Analysis as of July 23, 2025

Compliance › National Institute of Standards and Technology

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

How does Executive Order 14306 shift the cyber strategy for government contractors?

Clark Hill PLC on 7/18/2025

On June 6, a new Executive Order (EO) on cybersecurity altered the compliance landscape for federal contractors. The order pauses the imminent requirement for software vendors to formally attest compliance with the Secure...more

NIS 2: Strengthening Europe’s Cyber Defenses

Morrison & Foerster LLP on 7/8/2025

European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more

Navigating TRAIGA: Texas’s New AI Compliance Framework

Ropes & Gray LLP on 6/25/2025

On June 22, 2025, Texas enacted the Texas Responsible Artificial Intelligence Governance Act (“TRAIGA”), putting it at the forefront of state-level AI regulation in the United States. TRAIGA becomes effective January 1, 2026....more

Building the Cyber Fortress: New Cybersecurity Executive Order Targets Quantum, AI, and Supply Chain Security

McCarter & English Blog: Government Contracts... on 6/16/2025

On June 6, 2025, President Trump issued a new executive order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), signaling the construction...more

Building a Future-Proofed AI Risk Management Program

Ankura on 5/13/2025

Artificial Intelligence (AI) is revolutionizing industries globally, from healthcare to finance, retail, technology, and education, enabling businesses and consumers alike to achieve their tasks more efficiently and...more

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Ropes & Gray LLP on 5/6/2025

The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on 4/28/2025

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Latest FCA Cybersecurity Settlement Shows Enforcement Remains a Priority Under Trump Administration

Foley & Lardner LLP on 4/4/2025

A recent United States Department of Justice (DOJ) announcement reinforces that enforcement of cybersecurity requirements under the False Claims Act (FCA) remains an ongoing risk. According to the press release, defense...more

Privacy and Data Security in Community Associations: Navigating Risks and Compliance

Ward and Smith, P.A. on 3/28/2025

For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more

Key Considerations Before Negotiating Healthcare AI Vendor Contracts

Sheppard Mullin Richter & Hampton LLP on 3/24/2025

The integration of artificial intelligence (AI) tools in healthcare is revolutionizing the industry, bringing efficiencies to the practice of medicine and benefits to patients. However, the negotiation of third-party AI tools...more

Coast Guard Tightens Up Cybersecurity Regulations

Schwabe, Williamson & Wyatt PC on 3/5/2025

The maritime industry has become a prime target for hackers. In the last few years, it has seen a steep increase in the number of shipping-related cyberattacks. The recent surge marks a new and pressing challenge for ports...more

Virginia Legislature Passes First AI Bill of 2025--Now Awaits Governor's Approval

Baker Botts L.L.P. on 3/5/2025

Virginia has become the first state in 2025 to pass comprehensive artificial intelligence regulation, with lawmakers approving the "High-Risk Artificial Intelligence Developer and Deployer Act" (HB 2094). The legislation,...more

Security Requirements and Compliance Obligations in DOJ's Final Rule on Data Transactions

Akin Gump Strauss Hauer & Feld LLP on 2/24/2025

The Department of Justice’s (DOJ) final rule implements President Biden’s Executive Order 14117 of February 28, 2024, on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more

The Proposed Rule to Amend FAR Guidance on Safeguarding CUI – Care to Comment?

Husch Blackwell LLP on 2/24/2025

The FAR Council issued a proposed rule that would amend the several FAR provisions and add new clauses to provide guidance on the safe handling of CUI. Public comments on the proposed rule are being accepted until March 17,...more

Strategic Artificial Intelligence Planning Alert: A State and Federal Regulatory Roadmap for 2025 Compliance

Hinshaw & Culbertson - Privacy, Cyber & AI... on 2/21/2025

The World Economic Forum has stated that 88 percent of C-suite executives indicated that adopting artificial intelligence (AI) in their companies is a key initiative for 2025. Companies are pivoting from merely testing AI to...more

Release of Engineers and Geoscientists of British Columbia Practice Advisory on Use of Artificial Intelligence in Professional...

MG+M The Law Firm on 2/21/2025

On November 22, 2024, Engineers and Geoscientists British Columbia (EGBC) released Use of Artificial Intelligence (AI) in Professional Practice, a practice advisory for EGBC registrants that provides guidelines on the use of...more

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on 2/21/2025

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Back to the Future: CFTC Emphasizes Existing Regulatory Standards for New Al Technologies

Mintz on 2/7/2025

Advancements in artificial intelligence (AI) continue to reshape the financial services industry, with the growing popularity of generative Al (GenAl) tools prompting increased attention from US regulators. At the end of...more

It’s a New Year and a Good Time for a Cybersecurity Checkup

Clark Hill PLC on 2/5/2025

2024 was another active year in cybersecurity, with high-profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include pervasive ransomware attacks targeting the healthcare,...more

Analyzing President Biden's Ambitious Cybersecurity Executive Order

Davis Wright Tremaine LLP on 2/5/2025

In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more

Akin Intelligence - November/December 2024

Akin Gump Strauss Hauer & Feld LLP on 2/3/2025

Welcome to the November-December edition of Akin Intelligence. As the end of 2024 approached, the European Union (EU) sustained progress on guidance and supporting materials for its AI Act and international AI Safety...more

At Long Last – The FAR CUI Rule is Here!

Sheppard Mullin Richter & Hampton LLP on 1/30/2025

The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more

FedRAMP Releases New Draft Authorization Boundary Guidance

Sheppard Mullin Richter & Hampton LLP on 1/30/2025

Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more

Revocation of Executive Order 14110—Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence: Relevance to...

MG+M The Law Firm on 1/28/2025

On January 20, 2025, President Trump revoked Executive Order (EO) 14110—Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, issued on October 30, 2023. EO 14110 was promulgated as a coordinated...more

Biden Administration’s Eleventh-Hour Executive Order Imposes New Software Requirements on Companies

King & Spalding on 1/24/2025

On January 16, 2025, President Biden issued Executive Order 14144 on Strengthening and Promoting Innovation in the Nation’s Cybersecurity (the “EO”). Building on prior initiatives such as Executive Order 14028 and the...more

128 Results

View per page

Page: of 6

Compliance › National Institute of Standards and Technology

"My best business intelligence, in one easy email…"