AI Today in 5: August 7, 2025. The US v. China Episode
Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
Since the beginning of the second Trump Administration, we have seen a dramatic shift in US AI policy away from mitigating AI’s social and physical harms to promoting America’s AI domination on the world’s stage, advancing...more
On July 23, 2025, the Trump Administration issued a 28-page action plan (the Action Plan or the Plan) and three corresponding Executive Orders designed to “win the AI race” and achieve “global dominance” in the AI...more
In June 2025, President Trump signed Executive Order 14306 (EO), titled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144,” which amends and...more
On July 23, the White House released its strategic action plan on AI, “Winning the Race: America’s AI Action Plan” (the AI Action Plan), which is designed to secure U.S. global leadership in AI with a strategic focus on...more
On June 6, a new Executive Order (EO) on cybersecurity altered the compliance landscape for federal contractors. The order pauses the imminent requirement for software vendors to formally attest compliance with the Secure...more
The administration has signaled a potential softening of cyber regulation for domestic entities, with increasing focus on national security priorities and preparing for the future....more
On June 22, 2025, Texas enacted the Texas Responsible Artificial Intelligence Governance Act (“TRAIGA”), putting it at the forefront of state-level AI regulation in the United States. TRAIGA becomes effective January 1, 2026....more
Last week, the Trump administration made its priorities clear for the nation’s cybersecurity posture in the form of the newly issued executive order entitled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity...more
The United States Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have issued an...more
The National Security Agency’s Artificial Intelligence, Security Center (AISC), together with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Signals...more
Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more
The FAR Council issued a proposed rule that would amend the several FAR provisions and add new clauses to provide guidance on the safe handling of CUI. Public comments on the proposed rule are being accepted until March 17,...more
As expected, President Trump took action on the first day of his new term to revoke the landmark 2023 Executive Order on Artificial Intelligence (AI) that was the centerpiece of the Biden Administration’s approach to AI....more
The Federal Acquisition Regulation (FAR) Council issued its long awaited proposed rule on Controlled Unclassified Information (CUI) on January 15, 2025. The proposed rule establishes a common form to be used by all federal...more
On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more
In light of recent cyberattacks targeting the federal government and United States supply chains, President Biden’s administration has released an Executive Order (the “Order”) in an attempt to modernize and enhance the...more
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the Cybersecurity Framework version 2.0 (CSF 2.0). CSF 2.0 is a generational update to NIST’s foundational cybersecurity guidance, which...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its second draft of NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on October...more
Following a series of recent events involving policymakers from Trump’s Administration and Capitol Hill, artificial intelligence (AI) was the second hottest topic in D.C. These events, described in detail below, demonstrated...more