News & Analysis as of

Cybersecurity National Institute of Standards and Technology Software

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Wiley Rein LLP

Policy Patches: An Update on Software Security Regulation

Wiley Rein LLP on

So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more

King & Spalding

NIST Releases Series of AI Guidelines & Software in Ongoing Response to AI Executive Order

King & Spalding on

The U.S. Department of Commerce’s National Institute of Standards and Technology (“NIST”) recently announced the publication of three AI guidelines as well as its release of a software package aimed at helping organizations...more

WilmerHale

NIST Issues New AI Risk Mitigation Guidelines and Software

WilmerHale on

On July 26, 2024, the National Institute for Standards and Technology (“NIST”), part of the Department of Commerce, released guidelines, a global engagement plan, and software covering various aspects of AI technology...more

Foley & Lardner LLP

Rolling With the Punches in a Networked World: CCOE Cybersecurity Panel Discussion

Foley & Lardner LLP on

Whether the game is football, baseball, hockey, or Indy Car racing, no team goes into their major championship matchup without training. Companies need to train as well if they intend to operate on the internet and expect to...more

PilieroMazza PLLC

CISA Unveils Final Self-Attestation Form for Software Producers Bidding on Federal Contracts

PilieroMazza PLLC on

In March 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released the final version of its secure software development self-attestation common form (Form), requiring federal government contractors who...more

Woods Rogers

DoD Unveils Cybersecurity Strategy for Defense Industrial Base: What You Need to Know

Woods Rogers on

The United States Department of Defense (“DoD”) recently published its Defense Industrial Base Cybersecurity Strategy 2024. For context, the DIB is comprised of more than 100,000 domestic and foreign companies or...more

Wiley Rein LLP

What Does CISA’s Secure Software Development Form Mean for Contractors?

Wiley Rein LLP on

WHAT: The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published the final version of its Secure Software Development Attestation Common Form (Common Form) and announced...more

Sheppard Mullin Richter & Hampton LLP

CISA Opens Repository for Submission of Software Security Attestation Forms

Sheppard Mullin Richter & Hampton LLP on

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Office of Management and Budget (“OMB”) released the highly-anticipated Secure Software Development Attestation Form (also known as the...more

Sheppard Mullin Richter & Hampton LLP

Update: CISA Seeks Additional Input from Software Providers on Security Attestation Form

Sheppard Mullin Richter & Hampton LLP on

The Cybersecurity and Infrastructure Security Agency (“CISA”) recently revised its Secure Software Development Attestation Common Form (after receiving over 110 comments on the initial draft), and is seeking additional...more

White & Case LLP

The SEC’s Charges Against SolarWinds and its Chief Information Security Officer Provide Important Cybersecurity Lessons for Public...

White & Case LLP on

On October 30, 2023, the US Securities and Exchange Commission ("SEC") announced that it filed charges against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer ("CISO") in connection...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Foley & Lardner LLP

NIST’s AI Risk Management Framework Helps Businesses Address AI Risk

Foley & Lardner LLP on

As we previously discussed, earlier this year the National Institute of Standards and Technology (NIST) launched the Trustworthy and Responsible AI Resource Center. Included in the AI Resource Center is NIST’s AI Risk...more

Sheppard Mullin Richter & Hampton LLP

White House Provides New Guidance & Extends Deadline for Secure Software Attestations

Sheppard Mullin Richter & Hampton LLP on

On June 9, 2023, OMB released additional guidance on the implementation of OMB Memorandum M-22-18, Enhancing the Security of the Software Supply Chain through Secure Software Development Practice, which requires that federal...more

Fenwick & West LLP

UPDATE: Secure Software Development Attestation: A(nother) Government Requirement

Fenwick & West LLP on

As follow-on guidance to Office of Management and Budget’s (OMB) September 14, 2022 memo and the associated Executive Order on Improving the Nation’s Cybersecurity from May 2021, the Cybersecurity and Infrastructure Security...more

McCarter & English Blog: Government Contracts...

NIST SP 800-171 Revision 3: Not Another Reboot

McCarter & English Blog: Government Contracts... on

Hollywood is full of them. And unless you are trapped on the Planet of the Apes, caught on the 3:10 to Yuma, or running from Godzilla, you’ve probably seen a movie reboot or two over the past two decades. The term generally...more

Ankura

FDA Authorized to Establish New Cybersecurity Standards for Medical Devices: What it Means for Industry

Ankura on

On December 29, 2022, President Biden signed a new statute that will significantly impact medical device cybersecurity regulation. Section 3305 of the Consolidated Appropriations Act of 2023 (“Section 3305”) authorizes the...more

Wiley Rein LLP

The US Government is Working Globally to Shift Cyber Duties: New Report Shows Ambitious Goals

Wiley Rein LLP on

As part of the government’s move to “rebalance” responsibilities in cyber, described in the National Cybersecurity Strategy, the United States government on April 13 released a notable document in partnership with several...more

Sheppard Mullin Richter & Hampton LLP

Biden Administration Releases Highly Anticipated National Cybersecurity Strategy

Sheppard Mullin Richter & Hampton LLP on

On March 2, 2023, the Biden Administration released its National Cybersecurity Strategy. The Strategy represents the latest push by the Administration to focus on cybersecurity concerns, following the release of Executive...more

PilieroMazza PLLC

GSA Technology Contractors: 4 Requirements to Ensure Only Approved Software Is Used

PilieroMazza PLLC on

Almost two years ago, Executive Order 14028 – Improving the Nation’s Cybersecurity (EO) was issued requiring a host of actions be taken by the Federal Acquisition Regulation (FAR) Council, the National Institute of Standards...more

Sheppard Mullin Richter & Hampton LLP

Do Business With the Federal Government? Here’s a 2022 Cybersecurity Recap: Part Three - Secure Software Development Attestation...

Sheppard Mullin Richter & Hampton LLP on

Yesterday we continued our series... with the Office of Management and Budget’s September 2022 memorandum requiring federal agencies to only use software from software producers that attest compliance with secure software...more

Ankura

OMB Renews Commitment to EO14028 by Requiring SSDF Compliance in Federal Software Acquisition

Ankura on

On September 14, 2022, the Office of Management and Budget (OMB) issued much-anticipated guidance on the implementation of Secure Software Development Framework (SSDF) requirements for contractors (The “Guidance Memo”)...more

Pietragallo Gordon Alfano Bosick & Raspanti,...

Labeling Devices for Cybersecurity Protection

Pietragallo Gordon Alfano Bosick & Raspanti,... on

Takeaway: Security labels on internet-connected devices are on the horizon for companies that manufacture and want to sell such devices worldwide. On October 19, 2022, 50 representatives from different industries including...more

Sheppard Mullin Richter & Hampton LLP

Federal Government Outlines New Security and Attestation Requirements for Software

Sheppard Mullin Richter & Hampton LLP on

Per Executive Order 14028, Improving the Nation’s Cybersecurity, the Office of Management and Budget (OMB) issued a memorandum on September 14, 2022 requiring federal agencies to only use software from software producers that...more

Jones Day

New Security Rules for Organizations Supplying Software to the Federal Government

Jones Day on

The OMB has issued memorandum M-22-18 with new security requirements (the "Rules") requiring federal agencies to ensure that all third-party software they use complies with secure software development standards and guidance...more

Womble Bond Dickinson

Federal Software Providers Need to Be Ready to Attest to NIST Compliance Within the Coming Year

Womble Bond Dickinson on

Companies providing software to the federal government need to be prepared to attest that their software is NIST (National Institute of Standards and Technology)-compliant within the coming year. On September 14, 2022, the...more

50 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide