No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Why Privacy Matters to Your Business and What's in Store for 2025
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
On June 6, 2025, President Trump issued a new executive order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), signaling the construction...more
Earlier this year, the FAR Council issued a proposed rule to implement the Controlled Unclassified Information (CUI) Program as it relates to federal contracts. The proposed rule is "just one element of a larger strategy to...more
As of January 17, 2025, the Department of Defense’s data rights regulations and contract clauses look a little different, yet substantively very little has changed. The update is to formally incorporate changes the Small...more
To kick off the New Year, Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2023 Recap (including links to all of the resources the team has put out over the...more
Substantive cybersecurity amendments to the Federal Acquisition Regulation (FAR) are underway, significantly altering the duties and obligations of federal government contractors both prior to award and during contract...more
In October 2023, the federal government released a Proposed Rule aimed at incorporating new cybersecurity reporting requirements into the Federal Acquisition Regulation (FAR). In this second installment of PilieroMazza’s...more
New standardized cybersecurity compliance requirements are inbound. In early October 2023, the Federal Acquisition Regulation (FAR) Council issued a proposed rule (Proposed Rule) to standardize cybersecurity requirements...more
Reflective of the Government’s increasing focus on cybersecurity, on October 3, 2023, the Federal Acquisition Regulation Council (FAR Council) released two new proposed rules that will have major impacts on federal...more
On October 3, 2023, the FAR Council released two long-awaited proposed rules for federal contractor cybersecurity stemming from the Biden Administration’s Cybersecurity Executive Order from May 2021 (Executive Order 14028)....more
The Department of Homeland Security (DHS) recently released a final rule (Final Rule), effective July 21, 2023, updating the Homeland Security Acquisition Regulation (HSAR) to include cybersecurity provisions aimed at...more
On June 21, the Department of Homeland Security (DHS) published a final rule to implement security measures that safeguard controlled unclassified information (CUI) from unauthorized access and disclosure and improve incident...more
The federal government recently issued an interim rule, effective immediately, prohibiting the presence or use of the TikTok application in the performance of a contract. This rule continues the government’s actions against...more
The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more
Almost two years ago, Executive Order 14028 – Improving the Nation’s Cybersecurity (EO) was issued requiring a host of actions be taken by the Federal Acquisition Regulation (FAR) Council, the National Institute of Standards...more
The federal government has continued its efforts to fulfill the requirements set forth in Executive Order 14028, Improving the Nation’s Cybersecurity. For companies that do business with the Federal government, beyond looking...more
Yesterday we continued our series... with the Office of Management and Budget’s September 2022 memorandum requiring federal agencies to only use software from software producers that attest compliance with secure software...more
With the release of GSA Polaris around the corner, one looming issue remains: Contractors may lose out on an award or, perhaps worse, they may find themselves without access to task orders after granted a Polaris award due to...more
The Government Contracts Cyber Café provides coaching, training and analysis to help you work through the technical, legal, accounting and other requirements confronting your organization, with the goal of helping you achieve...more
In 2019, cybersecurity has become top-of-mind for most federal government contractors and agencies that share sensitive information. In addition to updated Department of Defense guidance and procedures for evaluating...more
Since last year, I have been writing about the increasing impact of cybersecurity on contract awards. DoD has issued guidance on how it will evaluate system security plans, and it has indicated that, along with cost,...more
The Department of Defense (DOD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DOD contractors...more
The Department of Defense’s cybersecurity requirements for Covered Defense Information became effective on Dec. 31, 2017. See DFARS 52.204-7012. There is no corresponding FAR cybersecurity rule, leaving the civilian agencies...more
Under the Department of Defense (DoD) final Defense Federal Acquisition Regulation Supplement (DFARS) rule on Network Penetration Reporting and Contracting for Cloud Services, DoD contractors maintaining, processing, or...more
This article summarizes some of the many risks and implications that are associated with failing to comply with U.S. government-unique cyber and information technology requirements. We are often asked by small and...more
The Department of Defense (DoD) issued an interim cybersecurity rule in August 2015 that, among other things, revises the existing Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity clause and increases...more