When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Uncovering Hidden Risks: Ep 13 - Unveil Data Security Paradoxes
To kick off the New Year, Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2023 Recap (including links to all of the resources the team has put out over the...more
Substantive cybersecurity amendments to the Federal Acquisition Regulation (FAR) are underway, significantly altering the duties and obligations of federal government contractors both prior to award and during contract...more
In October 2023, the federal government released a Proposed Rule aimed at incorporating new cybersecurity reporting requirements into the Federal Acquisition Regulation (FAR). In this second installment of PilieroMazza’s...more
New standardized cybersecurity compliance requirements are inbound. In early October 2023, the Federal Acquisition Regulation (FAR) Council issued a proposed rule (Proposed Rule) to standardize cybersecurity requirements...more
Reflective of the Government’s increasing focus on cybersecurity, on October 3, 2023, the Federal Acquisition Regulation Council (FAR Council) released two new proposed rules that will have major impacts on federal...more
On October 3, 2023, the FAR Council released two long-awaited proposed rules for federal contractor cybersecurity stemming from the Biden Administration’s Cybersecurity Executive Order from May 2021 (Executive Order 14028)....more
The Department of Homeland Security (DHS) recently released a final rule (Final Rule), effective July 21, 2023, updating the Homeland Security Acquisition Regulation (HSAR) to include cybersecurity provisions aimed at...more
A new Federal Acquisition Regulation (FAR 52.204-27) enacted in June 2023 requires companies with covered contracts to ban the use of TikTok and other apps developed by ByteDance Limited on employee devices, including...more
On June 21, the Department of Homeland Security (DHS) published a final rule to implement security measures that safeguard controlled unclassified information (CUI) from unauthorized access and disclosure and improve incident...more
The federal government recently issued an interim rule, effective immediately, prohibiting the presence or use of the TikTok application in the performance of a contract. This rule continues the government’s actions against...more
The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more
Almost two years ago, Executive Order 14028 – Improving the Nation’s Cybersecurity (EO) was issued requiring a host of actions be taken by the Federal Acquisition Regulation (FAR) Council, the National Institute of Standards...more
The federal government has continued its efforts to fulfill the requirements set forth in Executive Order 14028, Improving the Nation’s Cybersecurity. For companies that do business with the Federal government, beyond looking...more
Yesterday we continued our series... with the Office of Management and Budget’s September 2022 memorandum requiring federal agencies to only use software from software producers that attest compliance with secure software...more
In this second in our series, we look at the long awaited update to NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” which is expected to be released in late spring...more
As 2021 draws to a close, we wanted to share a recap of some of the most important cybersecurity developments we covered this past year along with some suggestions on what companies (particularly those that do business with...more
With the release of GSA Polaris around the corner, one looming issue remains: Contractors may lose out on an award or, perhaps worse, they may find themselves without access to task orders after granted a Polaris award due to...more
Federal contractors know all too well the list of annual requirements and obligations can seem overwhelming at times. One that may get overlooked by some is annual training requirements. A fairly new such training went into...more
The saga of what is prohibited and what is covered by an exception to the National Defense Authorization Act, FY 2019, Section 889 prohibition on the use or delivery of covered telecommunications and video surveillance...more
In the latest development relating to the implementation of Section 889 of the National Defense Authorization Act for FY 2019, a second interim rule was issued on August 27, 2020. We previously reported on the Federal...more
The Government Contracts Cyber Café provides coaching, training and analysis to help you work through the technical, legal, accounting and other requirements confronting your organization, with the goal of helping you achieve...more
Last month we reported on the Department of Defense’s (DoD’s) issuance of Version 0.6 of its draft Cybersecurity Maturity Model Certification (CMMC) standard. That draft included DoD updates and revisions to CMMC’s domains,...more
In 2019, cybersecurity has become top-of-mind for most federal government contractors and agencies that share sensitive information. In addition to updated Department of Defense guidance and procedures for evaluating...more
Since last year, I have been writing about the increasing impact of cybersecurity on contract awards. DoD has issued guidance on how it will evaluate system security plans, and it has indicated that, along with cost,...more
The Department of Defense (DOD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DOD contractors...more