DHS and Cyber: What Should Companies Expect?
On January 16, 2025, former President Biden issued the Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity (the EO). The EO directs various parts of the federal government to adopt a...more
Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more
Last year we made some predictions about 2024’s cyber landscape and major issues. Several proved prescient, with incident reporting, CISO scrutiny, SEC aggression, and new regulation of various sectors taking shape as the...more
Federal Acquisition Regulation (FAR) Final Rule: Reference to Penalty Threshold On August 29, the Department of Defense, General Services Administration, and National Aeronautics and Space Administration published a final...more
So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more
On June 28, 2024, the Supreme Court of the United States overruled a cornerstone of contemporary administrative law when it determined, in a 6-3 ruling, that the Supreme Court’s decision in Chevron U.S.A. Inc. v. Natural...more
These days, cyber regulators are in a hurry. Commentators have observed, the “federal government is quietly directing a seismic shift in the economy” with new mandates. Ann Neuberger, Deputy National Security Advisor for...more
WHAT: The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published the final version of its Secure Software Development Attestation Common Form (Common Form) and announced...more
Last October, the Federal Acquisition Regulation (FAR) Council proposed two new rules, one of which that will influence cyber incident response practices. The scope is limited as it only applies to federal government...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
Last month the Federal Acquisition Regulatory (FAR) Council announced a major proposal regarding cybersecurity incident reporting and information. Comments currently are now due by February 2, 2024....more
Earlier this month the Federal Acquisition Regulation (“FAR”) Council released two draft rules which would impose new cybersecurity requirements for federal contractors. The proposed rules, Cyber Threat and Incident Reporting...more
WHAT: As we previously reported here, on October 3, 2023, the Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021...more
In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more
WHAT: The Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021 Executive Order No. 14028 on Improving the Nation’s...more
GOVERNMENT CONTRACTS - SBA’s Proposed Rule Alters the Landscape for Size and Status Protests - On September 9, 2022, the Small Business Administration issued a proposed rule (the Rule) making substantial changes to the...more
The Department of Justice recently announced a new initiative that aims to hold government contractors accountable when they fail to meet required cybersecurity standards. In announcing the “Civil Cyber-Fraud Initiative” in...more
The Office of Management and Budget (“OMB”) released its draft Federal Zero Trust Strategy under President Biden’s Executive Order on Improving the Nation’s Cybersecurity (No. 14028) (discussed previously here and here) and...more
President Biden signed an executive order to bolster the federal government’s cybersecurity posture on May 12. The order focuses on implementing vital improvements to networks of federal departments and agencies, many of...more
The President’s new Executive Order on Improving the Nation’s Cybersecurity includes wide-ranging measures intended to strengthen security standards for the federal government and federal government contractors in response to...more
On May 12, 2021, President Joe Biden issued a wide ranging Executive Order “On Improving the Nation’s Cybersecurity,” which was in the works after the SolarWinds cyberattack and arrived soon after a ransomware attack on the...more
The U.S. Department of Homeland Security (DHS) has been central in federal cybersecurity policy for years, as an important non-regulatory body that convenes the private sector, works across agencies, and protects information...more
Upcoming Filing and Comment Deadlines - FCC Seeks Comment on Emergency Access to Wi-Fi Access Points: Comments are due October 1 on the Federal Communications Commission’s (FCC or Commission) Public Notice seeking comment...more