Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
In this episode of "Regulatory Phishing," Government Contracts and Cybersecurity attorney Eric Crusius delves into the latest developments from the Cybersecurity Maturity Model Certification (CMMC) program, National Institute...more
To help you stay on top of the latest news, our AI practice group has compiled a roundup of the developments we are following....more
Companies should consider how new AI risk standards may align to their operations and whether to comment on the draft standards to shape their development. On April 29, 2024, the White House announced that several federal...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
As artificial intelligence (AI) and generative AI (GAI) continue to evolve and become integral to business operations, businesses must be mindful of the risks associated with deploying AI solutions. Although there is not...more
The Office of the National Cyber Director (ONCD) has extended the deadline to respond to its Request for Information (RFI) seeking public comment on "opportunities for and obstacles to harmonizing" cybersecurity regulations....more
Voluntary Commitments Ensuring Safe, Secure and Trustworthy AI Prominent generative AI companies, including Meta, OpenAI, Microsoft, Google, Anthropic and Inflection, committed to a voluntary set of guidelines negotiated by...more
Beginning in 2019, the US federal government ramped up its involvement in, and regulation of, the use of artificial intelligence (AI). The federal government is grappling with how to incentivize AI innovation responsibly,...more
Since the General Data Protection Regulation (GDPR) went into effect in 2018, over half a dozen countries have passed similar privacy regulations and another few dozen have updated or proposed new privacy regulations. In the...more
On January 7, 2019, the federal Office of Management and Budget (OMB) released a draft of a memorandum setting forth guidance to assist federal agencies in developing regulatory and non-regulatory approaches regarding...more
Addressing cybersecurity risks invariably involves very technical matters. As a result, in many companies the IT department has been responsible for developing and implementing cybersecurity plans and procedures....more
As we previously reported, in September 2016 the New York Department of Financial Services (the “DFS”) proposed a regulation that would require banks, insurance companies and other financial services institutions regulated by...more
On December 16, 2015, the Commodity Futures Trading Commission (“CFTC”) released two Notices of Proposed Rulemaking (“NPRMs” or “Proposed Rules”) that would, if finalized, supplement existing regulations covering the...more
On August 28, 2015, the National Futures Association (NFA) submitted a proposed interpretative notice (Notice) to the Commodity Futures Trading Commission (CFTC) to require information systems security programs (ISSPs). If...more
NFA links NFA’s supervisory requirements with its proposed requirements mandating that NFA Members have information systems security programs. The National Futures Association (NFA) has proposed cybersecurity...more
National Institute of Standards and Technology (NIST) has published draft recommendations aimed at securing the confidentiality of sensitive federal information located within non-federal entities’ information technology...more
This Privacy Monday, there are a few important items of note, rather than the usual “bits and bytes”. NIST RELEASES DISCUSSION DRAFT OF CYBERSECURITY FRAMEWORK - After several months of work, the National...more