For companies in the U.S. that hold certain personal data and U.S. Government-related data, rules stemming from recent Executive Order (“EO”) 14117 on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United...more
The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the...more
4/9/2024
/ Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Defense (DOD) ,
Federal Contractors ,
Information Technology ,
New Regulations ,
Regulatory Agenda ,
Regulatory Reform ,
Reporting Requirements ,
Rulemaking Process ,
Supply Chain
On January 26, 2024, the Federal Risk and Authorization Management Program (“FedRAMP”) published a draft Emerging Technology Prioritization Framework developed in response to President Biden’s Executive Order 14110 on Safe,...more
On October 5, 2023, the FAR Council released an Interim Rule on “Implementation of Federal Acquisition Supply Chain Security Act (FASCSA) Orders.” The Interim Rule implements requirements from Section 202 of the Federal...more
The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more
On March 2, 2023, the Biden Administration released its National Cybersecurity Strategy. The Strategy represents the latest push by the Administration to focus on cybersecurity concerns, following the release of Executive...more
The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 3.0, released on September 14, 2022. The public comment period currently is open and closes on October...more
Per Executive Order 14028, Improving the Nation’s Cybersecurity, the Office of Management and Budget (OMB) issued a memorandum on September 14, 2022 requiring federal agencies to only use software from software producers that...more
9/29/2022
/ Contract Solicitation ,
Cybersecurity ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Information Technology ,
NIST ,
OMB ,
Software ,
Supply Chain ,
Third-Party
On July 19, 2022, the National Institute of Standards and Technology (NIST) released a Pre-Draft Call for Comments, seeking feedback on improving its Controlled Unclassified Information (CUI) series of publications. The...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its second draft of NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on October...more
11/11/2021
/ Biden Administration ,
Cybersecurity ,
Data Security ,
Executive Orders ,
Federal Contractors ,
Government Agencies ,
Information Technology ,
NIST ,
Risk Management ,
Software ,
Supply Chain ,
Technology
The Office of Management and Budget (“OMB”) released its draft Federal Zero Trust Strategy under President Biden’s Executive Order on Improving the Nation’s Cybersecurity (No. 14028) (discussed previously here and here) and...more
The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 2.0, released on July 13, 2021. The public comment period currently is open and closes on September 13,...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on April 29, 2021....more
5/27/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Executive Orders ,
Information Technology ,
NIST ,
Popular ,
Software ,
Supply Chain ,
Technology
On May 12, 2021, the Biden Administration issued its much anticipated “Executive Order on Improving the Nation’s Cybersecurity.” Below are provisions we believe will be of most interest to contractors, as well as any company...more
5/19/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
DFARS ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Information Technology ,
Internet of Things ,
NIST ,
OMB ,
Popular ,
Software ,
Supply Chain ,
Technology
Each year, the Government purchases more and more cloud computing from contractors. But while many small businesses can provide cloud computing, the current rules associated with small business set-aside contracts prevent...more
On May 11, President Donald Trump issued his long-awaited Executive Order on cybersecurity, the ‘‘Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.’’ It had been...more
5/31/2017
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Executive Orders ,
Hackers ,
Information Technology ,
National Security ,
NIST ,
Popular ,
Risk Management ,
Trump Administration