As of April 1, 2025, all merchants and third-party service providers (TPSPs) involved in processing credit or debit card payments must fully adhere to the enhanced security requirements outlined in the Payment Card Industry...more
Following our recent client alert, learn more about PCI DSS 4.0 coming into effect and its impact on organizations in 2025. Mark Schreiber, Brian Long, and Sam Genovese share further insights from working with clients on...more
The US Department of Defense (DoD) published a final rule codifying the Cybersecurity Maturity Model Certification (CMMC) Program. The final CMMC rule will apply to all DoD contractors and subcontractors that will process,...more
The US Department of Defense (DoD) took the next step in implementing the Cybersecurity Maturity Model Certification (CMMC) Program on August 15, 2024, when it issued a Proposed Rule to amend the Defense Federal Acquisition...more
DOJ DOUBLES DOWN ON CORPORATE ENFORCEMENT WITH NEW WHISTLEBLOWER PROGRAM -
During the 2024 American Bar Association National Institute on White Collar Crime (the 2024 White Collar Conference) earlier in March US Attorney...more
5/9/2024
/ Artificial Intelligence ,
Automotive Industry ,
Corporate Governance ,
Corporate Misconduct ,
Department of Justice (DOJ) ,
EU ,
Intellectual Property Litigation ,
Intellectual Property Protection ,
Labor Regulations ,
Payment Systems ,
PCI-DSS Standard ,
Pilot Programs ,
Regulatory Agenda ,
Unified Patent Court ,
Unions ,
Whistleblower Protection Policies ,
Whistleblowers ,
White Collar Crimes
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps...
On December 26, 2023, the US...more
4/26/2024
/ Certification Requirements ,
Comment Period ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Maturity Model Certification (CMMC) ,
DCMA ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management
The healthcare industry – particularly the digital health industry – is increasingly becoming monetized and using an e-commerce model through direct interactions with the customer to accept credit card payments. This...more
On February 8, 2024, the Federal Communications Commission (FCC) issued a Declaratory Ruling banning robocalls and robotexts using artificial intelligence (AI)-generated cloned voices. Effective immediately, under the FCC’s...more
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps...
On December 26, 2023, the US...more
The automotive industry is experiencing a shift to an e-commerce model through direct interactions with the customer to accept credit card payments. This innovation allows drivers and passengers to make payments for products...more
In this series of articles, we explore the different certification requirements of CMMC Level 1, 2 and 3, the impact on contractors and external service providers, and proposed next steps...
On December 26, 2023, the US...more
1/9/2024
/ Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Proposed Rules ,
Subcontractors
On December 26, 2023, the US Department of Defense (DoD) published its long-awaited proposed rule codifying the Cybersecurity Maturity Model Certification (CMMC) Program. The proposed CMMC rule will apply to all DoD...more
12/29/2023
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Popular ,
Proposed Rules ,
Regulatory Requirements ,
Security Controls
Critical infrastructure and essential services in the United States—especially small or rural service providers—are highly vulnerable to disruptions from cyber attacks. Given the ever-growing need for cybersecurity services...more
Security Schedules, Privacy Addenda, TOMs, DPAs—whatever you call them, privacy and cybersecurity contract terms have exploded in prevalence in recent years, bringing with them new importance that can lead to difficult and...more
6/10/2022
/ Continuing Legal Education ,
Contract Drafting ,
Contract Negotiations ,
Contract Terms ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
International Data Transfers ,
Popular ,
Privacy Laws ,
Risk Management ,
Standard Contractual Clauses ,
Vendors ,
Webinars
On March 31, 2022, the Payment Card Industry Security Standards Council released version 4.0 of its Data Security Standard (PCI DSS 4.0). The new version—which brings major changes to the payments ecosystem—places an...more
Standard, everyday appliances like dishwashers and ovens, and necessary devices such as lights and thermostats, are increasingly likely to be Wi-Fi enabled, allowing them to send and receive data. These objects are widely...more
On January 30, the US Department of Defense (DoD) released version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) framework, which will require DoD contractors and subcontractors to obtain third-party...more
2/4/2020
/ Attorney-Client Privilege ,
Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Intellectual Property Protection ,
NIST ,
Popular ,
Subcontractors ,
Supply Chain