AI Today in 5: August 7, 2025. The US v. China Episode
Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
On June 6, 2025, the Trump Administration issued a new Executive Order, Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144 (the EO) that contains...more
The second half of 2024 saw a myriad of Artificial Intelligence (AI) related legal and regulatory developments for the EU and UK, critically with the EU AI Act coming into force on 1 August 2024. This has been followed by...more
On October 30, 2023, the Biden administration released a far-reaching executive order (EO) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI). The EO issues directives related to the use...more
A year in review for the ChatGPT (chatbot generative pre-trained transformer) — and a look ahead at the global response to AI & which governance “guardrails” are required. On November 30th, 2023, the world will celebrate...more
November has been a busy month in artificial intelligence on the international, federal, and state levels. The last several weeks have seen what is probably an unprecedented amount of activity regarding artificial...more
This second part of a two-part series on U.S. regulation of artificial intelligence systems highlights state legislation and litigation to watch concerning AI systems, and provides practical takeaways as we look toward the...more
In the waning days of 2022 and the 117th Congress, President Biden signed H.R.7535, the Quantum Computing Cybersecurity Preparedness Act, into law. The law recognizes the future threat that quantum decryption poses to federal...more
The White House recently hosted a group of industry and government partners to discuss the development and implementation of an Internet of Things (IoT) labeling program. This program would develop a common label to help...more
Infusing billions of dollars into the U.S. semiconductor industry and appropriating billions more for scientific research and development, what is now colloquially referred to as the CHIPS and Science Act of 2022 was signed...more
CYBERSECURITY NIST - Releases Guidance on Supply Chain Security - The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain...more
The federal government is trying to find as many ways as possible to handle the cybersecurity crisis facing the United States. While it is unlikely that Congress will pass a comprehensive federal cybersecurity law for the...more
On November 15, 2021, President Joe Biden signed into law the Infrastructure Investment and Jobs Act (IIJA), unleashing over $1 trillion of federal money to strengthen the nation’s infrastructure and fund other key programs...more
Report on Patient Privacy 21 no. 9 (September, 2021) - As ransomware attacks become epidemic and breaches get larger, the Biden administration is partnering with private industry to bolster security and education in an...more
Although the Connecticut legislature was not successful in passing a privacy law similar to those passed in California, Colorado and Virginia, on June 24, 2021, the “Act Incentivizing The Adoption Of Cybersecurity Standards...more
In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons...more
Last December, the IoT Cybersecurity Improvement Act became law in the U.S. The legislation outlines security requirements that federal Internet of Things (IoT) devices need to contain going forward. Broadly, IoT refers to...more
The Internet of Things Cybersecurity Improvement Act of 2020 was signed into law on December 4, resulting in the first federal regulation of the Internet of Things (IoT). ...more
There is a new federal IoT law, H.R. 1668, the IoT Cybersecurity Improvement Act of 2020, that recently passed the House and Senate and was signed by the President on December 4. ...more
On Friday, December 4, 2020, President Donald Trump signed H.R. 1668, the Internet of Things (IoT) Cybersecurity Improvement Act of 2020, into law. The measure, which was approved by the House of Representatives in September...more
This week, the Internet of Things Cybersecurity Improvement Act (HR 1668), which was first introduced in March 2019, passed the House vote. “Internet of Things” (or “IoT”) describes a network of physical devices embedded...more
Commonsense IoT security steps that startups and small business should consider to comply with California’s new law - California recently enacted a new law, Senate Bill 327, that requires companies that make Internet of...more
Tacking an entirely new direction from other US states, Ohio has decided to offer defensive legal protection to businesses who have built a cybersecurity regime around well-known industry standards, even where those...more
Effective November 2, 2018, companies that suffer a breach may have certain defenses in Ohio if they have a written cybersecurity program in place. Under this new law, companies can use as an affirmative defense the existence...more
The Ohio legislature recently passed S.B. 220, which gives businesses that suffer a data breach an affirmative defense against tort claims brought in class action suits....more
The Federal Information Security Modernization Act of 2014 (FISMA) was passed by the Senate on December 8th, by the House on December 10th, and by the President on December 18th. It is a comprehensive bill intended to bring...more