On July 9, 2024, the White House Office of Science and Technology Policy (OSTP) released the long-awaited “Guidelines for Research Security Programs at Covered Institutions” (the Guidelines). The Guidelines are intended to...more
In May, the National Institute of Standards and Technology (NIST) issued updated recommendations for security controls for controlled unclassified information (CUI) that is processed, stored or transmitted by nonfederal...more
On March 12, 2024, the Department of Defense (DoD) finalized a rule to open its Defense Industrial Base (DIB) Cybersecurity (CS) Program to all defense contractors who own or operate an unclassified information system that...more
On December 4, the Department of Defense Office of Inspector General (DoD OIG) issued a “special” Audit Report (the Report) that provides insight into common cybersecurity weaknesses related to the protection of Controlled...more
Two years after the Department of Justice (DOJ) established its Civil-Cyber Fraud Initiative, there has been a recent uptick in enforcement and regulatory activity related to cybersecurity. September opened with the unsealing...more
11/3/2023
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
Enforcement Actions ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Fraud ,
General Services Administration (GSA) ,
Proposed Rules ,
Reporting Requirements ,
Settlement ,
Verizon ,
Whistleblowers
On March 2, 2023, the Biden administration released the 2023 National Cybersecurity Strategy (the “Strategy”). The Strategy acknowledges that the United States “must [effect] fundamental shifts in how . . . [it] allocates...more
In July 2022, the Department of Justice (DOJ) released a Comprehensive Cyber Review report (the “Review”) summarizing its assessment of its own cyber-related activities and including recommendations focused on its...more
On November 17, 2021, the U.S. Department of Defense (DOD) published an Advanced Notice of Proposed Rulemaking (ANPRM) previewing significant changes to its Cybersecurity Maturity Model Certification (CMMC) program.1 The...more
Key Points -
On October 6, 2021, the DOJ announced two new initiatives: the Civil Cyber-Fraud Initiative and the National Cryptocurrency Enforcement Team.
The Civil Cyber-Fraud Initiative will fight rising cyber threats...more
10/13/2021
/ Cryptocurrency ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NDAA ,
Popular ,
Supply Chain
Key Points -
On Wednesday, May 12, 2021, President Biden issued EO 14,028, “Improving the Nation’s Cybersecurity.” The EO sets out an ambitious schedule of reviews and rulemakings that portend significant changes in the...more