Latest Posts › NIST

Share:

Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors [Video]

In this episode of "Regulatory Phishing," Government Contracts and Cybersecurity attorney Eric Crusius delves into the latest developments from the Cybersecurity Maturity Model Certification (CMMC) program, National Institute...more

DOJ Brings Suit Against University Under Its Civil Cyber-Fraud Initiative

Late last week, the U.S. Department of Justice (DOJ) filed its complaint-in-intervention in a qui tam lawsuit against the Georgia Institute of Technology (Georgia Tech), alleging that the university failed to meet certain...more

Foundational Cybersecurity Standards for Contractors Updated

The National Institute of Standards and Technology (NIST) released the third revision of its Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations." This...more

Department of Defense Releases Long-Awaited CMMC Proposed Rule

Two years after announcing the second iteration of the U.S. Department of Defense's (DoD) Cybersecurity Maturity Model Certification (CMMC) program, the DoD released its proposed rule that, if adopted, will implement the...more

New Cybersecurity FAR Rules Poised to Have a Major Impact on Contractors

The Federal Acquisition Regulatory (FAR) Council on Oct. 3, 2023, issued two proposed rules to partially implement President Biden's Executive Order on Improving the Nation's Cybersecurity. The first proposed rule imposes...more

Podcast - Third-Party Assessments and NIST SP 800-171 [Video]

In this episode of "Regulatory Phishing," Eric Crusius is joined by Tom Tollerton, a partner with FORVIS, a Certified Third-Party Assessment Organization (C3PAO). In this episode, Eric and Tom discuss the role of the C3PAO in...more

Third-Party Assessments and NIST SP 800-171 [Video]

In this episode of "Regulatory Phishing," Eric Crusius is joined by Tom Tollerton, a partner with FORVIS, a Certified Third-Party Assessment Organization (C3PAO). In this episode, Eric and Tom discuss the role of the C3PAO in...more

Third-Party Cybersecurity Assessments Potentially Coming Soon to Department of Defense

Contractors that do business with the U.S. Department of Defense (DoD) and handle Controlled Unclassified Information (CUI) have been awaiting the issuance of a rule implementing the Cybersecurity Maturity Model Certification...more

Cybersecurity in 2023: What Government Contractors Should Expect

2023 promises to be a pivotal year for cybersecurity in government contracts. Besides the implementation of the Cybersecurity Maturity Model Certification (CMMC) program, new regulations are coming for civilian contractors,...more

U.S. Department of Defense Tightens Screws on Cybersecurity Compliance

The U.S. Department of Defense (DoD) recently released a memorandum signaling its increasing willingness to review contractor compliance with cybersecurity standards in its contracts and take action against noncompliant...more

CMMC 2.0 Simplifies Requirements But Raises Risks for Government Contractors

With the announcement of a revamped Cybersecurity Maturity Model Certification (known as CMMC 2.0),1 for the third time in five years, the U.S. Department of Defense (DOD) announced new, comprehensive cybersecurity standards...more

Cybersecurity for All: President Biden Issues Sweeping Cybersecurity Executive Order

On May 12, 2021, President Joe Biden issued a comprehensive Executive Order (EO) on Improving the Nation's Cybersecurity that promises sweeping changes in federal contracts for information technology (IT), cloud services and...more

CMMC Moves Toward Reality

The U.S. Department of Defense (DoD) released version 1.0 of its Cybersecurity Maturity Model Certification (known as CMMC) on Jan. 31, 2020. The CMMC model draws heavily on the National Institute for Standards and...more

Defense Contractors To See New Cybersecurity Standards, Independent Certification Requirements

Details concerning the U.S. Department of Defense's (DoD) new cybersecurity standards are emerging. Called the Cybersecurity Maturity Model Certification (CMMC), compliance with this new set of security standards will be...more

2017, We Hardly Knew You: A Look Ahead to 2018

Taking over as editors of Holland & Knight’s Government Contracts Blog has been a labor, but it has been a labor of love. Like the rest of the Government Contracts Team, we are passionate about staying on top of the latest...more

DoD Issues Guidance for Compliance with Cybersecurity Regulations

• In recently released guidance, the U.S. Department of Defense (DoD) confirms a "one size does not fit all" approach to contractor compliance with its cybersecurity clauses that cover the safeguarding of contractor networks,...more

The Department of Defense Emphasizes Heightened Cybersecurity Compliance at Industry Information Day Event

We had the opportunity to attend Department of Defense’s (DoD) Industry Information Day on Friday, June 23, at the Mark Center Auditorium in Alexandria, Virginia. DoD’s Chief Information Officer published advance notice of...more

Contractors Beware: New Cybersecurity Executive Order Signals a Change in Direction

The White House just issued a long-awaited Cybersecurity Executive Order (EO). The EO is divided into five sections, which we will summarize in turn - Section 1 of the EO includes "policy," "findings," and "risk...more

18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide