News & Analysis as of

Regulatory Requirements Information Technology

Mayer Brown

Hong Kong Passes First Cybersecurity Legislation for Regulating Critical Infrastructures

Mayer Brown on

INTRODUCTION - The Protection of Critical Infrastructures (Computer Systems) Bill (the "Bill"), as the first law in Hong Kong to deal with cybersecurity was passed on 19 March 2025, and will come into force on 1 January 2026....more

McCarter & English Blog: Government Contracts...

FAR 2.0 Part 39 in Arcade Mode—How Federal IT Acquisition Just Hit Reset

For those who grew up gripping a joystick and dodging alien fire in Defender, riding ostriches through floating platforms in Joust, or crossing a hectic freeway in Frogger, winning wasn’t about memorizing rules; it was about...more

Hogan Lovells

The EU Digital Operational Resilience Act (DORA): top 7 challenges for IT vendors

Hogan Lovells on

The Digital Operational Resilience Act ("DORA") is the EU's latest legislative effort to enhance digital operational resilience across the financial sector through a harmonised set of rules for managing information and...more

Blank Rome LLP

Department of Defense to Increase Scrutiny Over IT Consulting and Advisory Contracts

Blank Rome LLP on

The Department of Defense’s (“DoD”) Under Secretary for Acquisition and Sustainment issued a memorandum on June 23, 2025, that tightens oversight on DoD contracts for information technology consulting & management services...more

Schwabe, Williamson & Wyatt PC

FAR Council Releases Modifications to Three Sections

The FAR Council is undertaking a systematic approach to revising the FARs. On Friday, June 13, 2025, it released its revisions to FAR Part 18 – Emergency Acquisitions, FAR Part 39 – Acquisition of Information and...more

Barnea Jaffa Lande & Co.

DORA for Tech Vendors - What You Should Know (But Haven’t Asked)

DORA (Digital Operational Resilience Act) is an EU regulation that sets rules for how financial entities manage ICT (Information and Communication Technology) risks. It covers areas like cyber resilience, incident reporting,...more

Holland & Knight LLP

DOD Secretary Directs Limitation of IT Consulting and Advisory Services Contracts

Holland & Knight LLP on

Contractors Should Seek to Distinguish Themselves in More Competitive Environment - The U.S. Department of Defense (DOD) on May 27, 2025, issued a memorandum implementing Executive Order (EO) 14222. As Holland & Knight...more

Alston & Bird

European Vulnerability Database Published by the European Union Agency for Cybersecurity

Alston & Bird on

The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a tool designed to enhance digital security across the EU. The EUVD is available here....more

Holland & Knight LLP

DOD Secretary Directs Limitation of IT Consulting and Advisory Services Contracts

Holland & Knight LLP on

The U.S. Department of Defense (DOD) on May 27, 2025, issued a memorandum implementing Executive Order (EO) 14222. As our team previously summarized, EO 14222 implemented the Department of Government Efficiency's (DOGE) "cost...more

Dickinson Wright

Cyber Risk, Real Consequences: DOJ Steps Up Enforcement

Dickinson Wright on

Government efforts to enforce cybersecurity control requirements have moved forward in the opening months of the Trump administration. Regardless of the changes coming to other areas of contracting and the Federal Acquisition...more

McDermott Will & Emery

Risk Management in the Modern Era of Workplace Generative AI

Generative artificial intelligence (GenAI) is becoming more prevalent in the workplace, including as a tool for human resources (HR) leaders to use in their employment practices. At the same time, close to a dozen states have...more

Guidepost Solutions LLC

Unlocking Opportunity: Navigating the New Data Center Validated End User Program

Recently, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) published a significant interim final rule (IFR) that has created both challenges and exciting opportunities for these operators. This IFR...more

Carlton Fields

FINRA’s Blueprint for the Metaverse

Carlton Fields on

In October 2024, FINRA released its blueprint for the securities industry’s use of the metaverse — the metaverse report. The metaverse, often framed as “the next evolution of today’s internet,” is a loosely defined term used...more

Troutman Pepper Locke

The Least Known Risk in the Energy Sector: The “ICTS” National Security Rules

Troutman Pepper Locke on

There are unprecedented risks and opportunities emerging for companies in the energy sector as the Trump administration’s priorities start to come into focus. Many of those are well-known to the industry. Here’s one that’s...more

Davis Wright Tremaine LLP

FedRAMP 20x Initiative Promises Major Changes for Federal Cloud Service Providers

Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more

A&O Shearman

EC publishes draft delegated regulation on subcontracting RTS under DORA

A&O Shearman on

On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more

Troutman Pepper Locke

OCC Notifies Congress of Major Email System Security Breach

Troutman Pepper Locke on

On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more

Katten Muchin Rosenman LLP

DORA Compliance: Navigating the Latest Developments

On 24 March 2025, the following two developments relating to the implementation of the EU Digital Operational Resilience Act (DORA) took place...more

Mitratech Holdings, Inc

The Vendor Onboarding Process: Keys to Success

What Is Vendor Onboarding? Vendor onboarding is the process of establishing a company as an approved provider of technology, goods, or services to your organization. It’s also an essential early step in the vendor risk...more

Holland & Knight LLP

GSA Announces Overhaul of FedRAMP with Emphasis on Industry Input and Automation

Holland & Knight LLP on

The U.S. General Services Administration (GSA) recently announced plans to develop the Federal Risk and Authorization Management Program (FedRAMP) 20x – a new approach to the government-wide program for the security...more

Morgan Lewis

Data Center Operations: Aligning Supply Chain, Compliance, and Customer Expectations

Morgan Lewis on

The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more

Integreon

DORA Compliance Part 2: Addressing Compliance Across Critical Operational Areas

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

A&O Shearman

European Commission adopts RTS on the elements to assess when subcontracting certain ICT services under DORA

A&O Shearman on

The European Commission has adopted a Delegated Regulation supplementing Regulation 2022/2554 on digital operational resilience for the financial sector (DORA) with regard to regulatory technical standards specifying the...more

Dacheng

China Monthly Data Protection Update: March 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more

Pagefreezer

HIPAA Regulations & Business Associate Agreements In The Age Of Digital Collaboration

Pagefreezer on

The healthcare industry has come up against unprecedented pressure in recent years. Digital transformation has had a significant role to play when it comes to creating the efficiency needed to deal with the challenges of a...more

108 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide