Health + Tech - How Digital Health Tools Help Create Greater Consumer Focus in Healthcare
Cyber Threats
Using The Cloud For Custom Salesforce Solutions
Chris Ford on Compliance and Cloud Computing
Moving Energy Forward: Future Voices Of The Industry
Sitting with the C-Suite: Servient – What’s Next
Polsinelli Podcasts: Cloud Computing, From Cybersecurity to Confidentiality Issues
IP | Trend: Data in the Cloud is the Next Big Storm?
At Intersection of Cloud Storage/Transfer & Instant Messaging, Instacom’s a Unique Tool
“The Cloud” No Longer a Hot Topic Because It’s Common Knowledge at This Point
The U.S. General Services Administration (GSA) recently announced plans to develop the Federal Risk and Authorization Management Program (FedRAMP) 20x – a new approach to the government-wide program for the security...more
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more
Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more
In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more
Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more
To dramatically scale up the Modernizing the Federal Risk and Authorization Management Program (FedRAMP) marketplace, the Office of Management and Budget (OMB) has completely rewritten FedRAMP’s vision, scope and governance...more
Last October, the Federal Acquisition Regulation (FAR) Council proposed two new rules, one of which that will influence cyber incident response practices. The scope is limited as it only applies to federal government...more
To kick off the New Year, Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2023 Recap (including links to all of the resources the team has put out over the...more
WHAT: As we previously reported here, on October 3, 2023, the Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021...more
The Federal Acquisition Regulatory (FAR) Council on Oct. 3, 2023, issued two proposed rules to partially implement President Biden's Executive Order on Improving the Nation's Cybersecurity. The first proposed rule imposes...more
The Federal Risk and Authorization Management Program (FedRAMP) Program Management Office recently released a revised version of its Obligations and Compliance Standards document for third party assessors – the organizations...more
Inflation relief for defense contractors, a ban on procurement of products and services containing certain Chinese semiconductors, and codification of the Federal Risk and Authorization Management Program (FedRAMP) governing...more
Beyond causing long lines and shortages at the gas pump, the cyberattack on the Colonial Pipeline this month may have important implications for federal contractors. As part of the federal government’s response, President Joe...more
The Situation: The United States government has been ramping up its efforts to protect sensitive data and is making clear it expects its contractors to protect data they receive and create. According to a recent Inspector...more
Is this a Start of Something New for Third-Party Management? The demand for responsible cybersecurity in business is ubiquitous. The need to protect information is not limited to the financial services, insurance and...more
The complexity of operations, research and compliance mandates in higher education presents unique challenges in securing information systems. Cybersecurity compliance affects everything from the handling of student data to...more
The DoD clarifies its expectation for full compliance to protect Controlled Unclassified Information (CUI) residing on Contractor Systems from cyber incidents. A defense contractor’s updated and current System Security...more
It’s almost here. After years of rulemaking, covered defense contractors will soon be fully subject to heightened cybersecurity standards for covered defense information (“CDI”) on IT systems under DFARS 252.204-7012, and...more
U.S. Department of Defense (DoD) contractors face new cybersecurity compliance requirements, including a significant deadline set for December 31, 2017. Most DoD contracts now include clauses imposing obligations on...more
This month marks an important waypoint for defense contractors subject to the new cybersecurity requirements imposed by the Department of Defense. For contractors subject to the requirements of Defense Federal Acquisition...more
For businesses that work with the U.S. Department of Defense (“DoD”), two important rules for safeguarding certain categories of sensitive information and reporting cyber incidents were recently finalized, updating the...more
On October 21, 2016, the Department of Defense (DoD) issued its final rule on Network Penetration Reporting and Contracting for Cloud Services, amending an interim version issued on August 26, 2015, and revised on December...more
Last week, the Department of Defense adopted as final, with several changes, its interim rule amending the DFARS on “Network Penetration Reporting and Contracting for Cloud Services.” The changes went into effect...more
On October 21, 2016, the Department of Defense (“DoD”) issued a final rule (the “final rule”) codifying the specific actions DoD contractors and subcontractors must take to adequately safeguard “covered defense information”...more
On October 21, 2016, the Department of Defense (DoD) issued a final rule following-up on the interim rules it had issued on August 26 and December 30, 2015, regarding safeguarding contractor networks and purchasing cloud...more