12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
Unauthorized Access: An Inside Look at Incident Response
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
On September 10, 2025, the U.S. Department of Defense (DoD) published its long-awaited final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements related to the...more
Incident response (IR) has undergone a drastic transformation in the past two decades, adapting to the relentless evolution of the cyber threat landscape. In the early 2000s, as the internet became more deeply ingrained in...more
An information security framework, when done properly, will allow any security leader to more intelligently manage their organization's cyber risk. The framework consists of a number of documents that clearly define the...more
Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more
The legal profession is under constant threat of cyberattacks and breaches. Cybersecurity challenges exist in many contexts but the legal profession is particularly vulnerable due to its federated environment and disparate...more
The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 3.0, released on September 14, 2022. The public comment period currently is open and closes on October...more
Key Wireless Deadlines- NIST Requests Comment on Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight: The National Institute of Standards and Technology (NIST) seeks comment on Draft NISTIR...more
The federal government is trying to find as many ways as possible to handle the cybersecurity crisis facing the United States. While it is unlikely that Congress will pass a comprehensive federal cybersecurity law for the...more
Most people don’t know, or care to know, about cryptography. Without cryptography, the internet privacy that we all rely on for transmitting virtually all forms of digital communication would be insecure from attackers. Our...more
The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 2.0, released on July 13, 2021. The public comment period currently is open and closes on September 13,...more
Background - Growing awareness regarding cybersecurity concerns with the Internet of Things (IoT) has achieved a milestone with the promulgation of the IoT Cybersecurity Improvement Act (the Act), which was signed into law by...more
Upcoming Filing and Comment Deadlines - FCC Seeks Input on WRC-23 Advisory Committee Draft Recommendations: Comments are due November 2 on the Federal Communications Commission’s (FCC or Commission) Public Notice, which...more
The year is 2013: The Obama administration just signed Executive Order 13636, calling for the sharing of cybersecurity risk information and a framework for reducing such risk. It was then that the National Institute of...more
Earlier this month, it was reported that the National Security Agency (NSA) discovered a serious security flaw in Microsoft Windows 10 cryptographic functionality, CVE-2020-0601.That security flaw could render trust...more
“Internet of Things” devices are listening. And now the federal government is taking notice. As we reported in our Government Contracts and Investigations blog, to date, federal cybersecurity regulations for government...more
In 2019, cybersecurity has become top-of-mind for most federal government contractors and agencies that share sensitive information. In addition to updated Department of Defense guidance and procedures for evaluating...more
Significant Changes to Online Copyright (DMCA) Safe Harbor and DoD Contractor Cybersecurity (NIST 800-171) Requirements Take Effect at the End of This Year. Important Change Affecting Digital Millennium Copyright Act...more
NFA links NFA’s supervisory requirements with its proposed requirements mandating that NFA Members have information systems security programs. The National Futures Association (NFA) has proposed cybersecurity...more
These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that their security profile is adequate. It can certainly help to...more
On August 11, 2015, the Office of Management and Budget (“OMB”) released a draft policy memo entitled “Improving Cybersecurity Protections in Federal Acquisitions.” The purpose of the memo is to provide federal agencies with...more
Federal government contractors handling Controlled Unclassified Information (CUI) should take notice of two recent executive agency actions. Combined, they lay the groundwork for a new cybersecurity clause to be added to the...more