Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
In June 2025, President Trump signed Executive Order 14306 (EO), titled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144,” which amends and...more
On July 23, the White House released its strategic action plan on AI, “Winning the Race: America’s AI Action Plan” (the AI Action Plan), which is designed to secure U.S. global leadership in AI with a strategic focus on...more
The administration has signaled a potential softening of cyber regulation for domestic entities, with increasing focus on national security priorities and preparing for the future....more
On June 6, 2025, President Trump issued an Executive Order entitled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (the “Order”). The measure...more
Last week, the Trump administration made its priorities clear for the nation’s cybersecurity posture in the form of the newly issued executive order entitled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity...more
Artificial Intelligence (AI) is revolutionizing industries globally, from healthcare to finance, retail, technology, and education, enabling businesses and consumers alike to achieve their tasks more efficiently and...more
Quantum computing (QC) is poised to disrupt cybersecurity in ways that business leaders and legal professionals cannot afford to ignore. But what exactly is quantum computing, why does it pose such a significant threat to...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
Last month, the U.S. Department of Justice’s (“DOJ”) Criminal Division announced its periodical update to its Evaluation of Corporate Compliance Programs (“ECCP”), zeroing in on how companies manage risk related to artificial...more
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes....more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
On February 26, 2024, the Connecticut Insurance Department (the CID) adopted Bulletin No. MC-25 on the “Use of Artificial Intelligence Systems in Insurance” (Connecticut Bulletin). This Connecticut Bulletin is similar to the...more
NIST has updated its widely used Cybersecurity Framework to provide key updates and practical resources for organizations to manage and discuss cybersecurity risk. The updated framework, which remains voluntary, is designed...more
The National Institute of Standards and Technology ("NIST") released a significant update to its framework, expanding its scope and reach to cover a broader audience and evolving cybersecurity risks and management issues....more
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the Cybersecurity Framework version 2.0 (CSF 2.0). CSF 2.0 is a generational update to NIST’s foundational cybersecurity guidance, which...more
The National Institute of Science and Technology (NIST) has released NIST Cybersecurity Framework (2.0) (Framework 2.0). NIST released two earlier versions of the Framework for Improving Critical Infrastructure Cybersecurity...more
On February 26, 2024, the National Institute of Standards and Technology (NIST), an agency within the U.S. Department of Commerce, released Version 2.0 of its Cybersecurity Framework (CSF), the first major update since its...more
Cybersecurity compliance, governance, and disclosure practices have evolved significantly over the past decade. As we have noted in prior blog posts, the U.S. Securities and Exchange Commission is requiring cybersecurity...more
On February 14, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a new, final version of their guidance for...more
The U.S. Department of Defense released a special holiday treat for government contractors and subcontractors last week in the form of long-promised proposed regulations for its Cybersecurity Maturity Model Certification...more
2023 has been a big year for AI with the landmark Executive Order for Safe, Secure, and Trustworthy Artificial Intelligence (EO) adding to the already busy and dynamic AI landscape. Issued less than two months ago, the EO has...more
On May 24, 2023, Microsoft announced the detection of a direct threat to critical infrastructure organizations in Guam and elsewhere in the United States. The alert attributed observed malicious activity to a state-sponsored...more
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (UK NCSC), along with partner agencies from 17 nations, have released Guidelines for Secure AI System Development (the...more
On October 30, 2023, the Biden administration released a far-reaching executive order (EO) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI). The EO issues directives related to the use...more
A year in review for the ChatGPT (chatbot generative pre-trained transformer) — and a look ahead at the global response to AI & which governance “guardrails” are required. On November 30th, 2023, the world will celebrate...more