Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
On June 6, 2025, President Trump issued an Executive Order entitled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (the “Order”). The measure...more
President Trump issued a cybersecurity Executive Order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity” (Trump EO), along with a corresponding Fact Sheet on June 6, 2025. The Trump EO clears some of the...more
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more
On January 16, 2025, former President Biden issued the Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity (the EO). The EO directs various parts of the federal government to adopt a...more
Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more
So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more
WHAT: The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published the final version of its Secure Software Development Attestation Common Form (Common Form) and announced...more
On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Office of Management and Budget (“OMB”) released the highly-anticipated Secure Software Development Attestation Form (also known as the...more
On June 9, 2023, the Office of Management and Budget (OMB) issued a guidance memorandum, OMB M-23-16, that extends the timeline for agencies to begin collecting attestations for critical and non-critical software from...more
On June 9, 2023, OMB released additional guidance on the implementation of OMB Memorandum M-22-18, Enhancing the Security of the Software Supply Chain through Secure Software Development Practice, which requires that federal...more
As follow-on guidance to Office of Management and Budget’s (OMB) September 14, 2022 memo and the associated Executive Order on Improving the Nation’s Cybersecurity from May 2021, the Cybersecurity and Infrastructure Security...more
Yesterday we continued our series... with the Office of Management and Budget’s September 2022 memorandum requiring federal agencies to only use software from software producers that attest compliance with secure software...more
New Software Development Security Attestation and Related False Claims Act Liability for Commercial and Noncommercial Software Developers and Suppliers - Key takeaway - Software producers at all levels in the federal...more
On September 14, 2022, the Office of Management and Budget (OMB) issued much-anticipated guidance on the implementation of Secure Software Development Framework (SSDF) requirements for contractors (The “Guidance Memo”)...more
Per Executive Order 14028, Improving the Nation’s Cybersecurity, the Office of Management and Budget (OMB) issued a memorandum on September 14, 2022 requiring federal agencies to only use software from software producers that...more
On September 14, 2022, the Office of Management and Budget (“OMB”) issued a memorandum on Enhancing the Security of the Software Supply Chain through Secure Software Development Practices (“OMB Memo”) to help ensure software...more
Companies providing software to the federal government need to be prepared to attest that their software is NIST (National Institute of Standards and Technology)-compliant within the coming year. On September 14, 2022, the...more
The President’s new Executive Order on Improving the Nation’s Cybersecurity includes wide-ranging measures intended to strengthen security standards for the federal government and federal government contractors in response to...more
On May 12, 2021, the Biden Administration issued its much anticipated “Executive Order on Improving the Nation’s Cybersecurity.” Below are provisions we believe will be of most interest to contractors, as well as any company...more
On May 12, 2021, President Joe Biden issued a comprehensive Executive Order (EO) on Improving the Nation's Cybersecurity that promises sweeping changes in federal contracts for information technology (IT), cloud services and...more
Internet of Things (IoT) devices have the potential to transform our home and work environment by integrating a growing range of “smart” wirelessly connected sensors into our daily lives. Recognizing the growing importance of...more