AI Today in 5: August 7, 2025. The US v. China Episode
Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
On July 30, 2025, the White House released a 166-page report titled “Strengthening American Leadership in Digital Financial Technology” (the “Report”).[1] Authored by a working group of cabinet members and federal agency...more
On July 30, 2025, the U.S. Department of Justice (DOJ) announced that biotechnology company Illumina Inc. agreed to pay $9.8 million plus interest to resolve allegations of misrepresenting compliance with federal...more
On July 31, 2025, the U.S. Department of Justice (“DOJ”) announced a $1.75 million False Claims Act (“FCA”) settlement with Aero Turbine Inc. (“Aero Turbine”), a California-based defense contractor, and private equity firm...more
A recent Department of Justice (“DOJ”) settlement highlights the importance of assessing cybersecurity compliance for government contractors during mergers and acquisitions (“M&A”). In April 2025, DOJ announced an $8.4...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Texas Limits Punitive Damage Liability For Data Security Breach...more
The United States Department of Justice (DOJ) recently settled a qui tam suit with a defense contractor and its successor company for $8.4 million, resolving allegations that the contractor and successor company violated the...more
The United States Department of Justice (DOJ) recently settled a qui tam suit with defense contractor Raytheon and its successor company, Nightwing Intelligence Solutions, LLC (Nightwing), totaling $8.4 million. The...more
On May 1, 2025, the U.S. Department of Justice (DOJ) announced a settlement under the False Claims Act (FCA) involving defense contractors Raytheon Company (Raytheon), RTX Corporation (RTX), and Nightwing Group—the successor...more
Government efforts to enforce cybersecurity control requirements have moved forward in the opening months of the Trump administration. Regardless of the changes coming to other areas of contracting and the Federal Acquisition...more
Health Insurance Portability and Accountability Act (HIPAA)-covered entities and business associates should be familiar with restrictions on the use or disclosure of protected health information (PHI) under HIPAA rules....more
On March 26, 2025, the United States Department of Justice (DOJ) announced that it had reached an agreement with MORSECORP Inc. (MORSE) to settle alleged violations of the False Claims Act (FCA), specifically regarding...more
Despite a change in administrations, the government’s vigilance and enforcement of cybersecurity requirements have not missed a beat. On March 14, 2025, MORSECORP, Inc. of Cambridge, MA resolved allegations that it had...more
The Department of Justice (DOJ) recently reached a $4.6 million civil False Claims Act (FCA) settlement with MORSECORP, Inc. (MORSE) arising out of allegations that the company failed to comply with Department of Defense...more
In a striking move at the end of March, the U.S. Department of Justice (“DOJ”) announced a $4.6 million settlement with MORSE Corp Inc. (“MORSE”), a defense contractor based in Cambridge, Massachusetts, for falsely certifying...more
While some areas of white-collar enforcement have been deprioritized by the Trump Administration, the Department of Justice (DOJ) remains committed to its Civil Cyber-Fraud Initiative as demonstrated by two recent False...more
On March 26, 2025, the Department of Justice (DOJ) entered into a settlement agreement with MORSECORP, Inc. (MORSE), resolving False Claims Act (FCA) allegations that MORSE submitted false claims for payment under Department...more
A recent United States Department of Justice (DOJ) announcement reinforces that enforcement of cybersecurity requirements under the False Claims Act (FCA) remains an ongoing risk. According to the press release, defense...more
Amid ongoing policy shifts in Washington, the federal government’s interest in pursuing civil cyber-fraud cases appears to be here to stay. In October 2021, the Department of Justice (DOJ) initiated its Civil Cyber-Fraud...more
The Department of Justice’s (DOJ) final rule implements President Biden’s Executive Order 14117 of February 28, 2024, on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more
Over the last two decades, federal contractors have been frustrated by the Government’s hodgepodge approach to regulating Controlled Unclassified Information (CUI). Various agencies have implemented differing definitions,...more
Intellectual property (“IP”) policy does not weigh heavily on most voters’ minds, and so is not often addressed in presidential campaigns. This past campaign was no different – President-elect Donald Trump did not expressly...more
Last year we made some predictions about 2024’s cyber landscape and major issues. Several proved prescient, with incident reporting, CISO scrutiny, SEC aggression, and new regulation of various sectors taking shape as the...more
Note to research compliance officials still digesting news of Pennsylvania State’s recent $1.25 million settlement over False Claims Act (FCA) allegations related to cybersecurity and the government’s recent intervention in a...more
On December 16, the U.S. Department of Defense’s Cybersecurity Maturity Model Certification Program (CMMC) final rule (the “CMMC Program Rule”) will become effective, to codify the CMMC requirements and assessment processes....more