News & Analysis as of

Cybersecurity Controlled Unclassified Information (CUI) Data Security

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Holland & Knight LLP

FAR Council Proposes Compliance with NIST SP 800-171 for Non-Defense Contractors

Holland & Knight LLP on

Earlier this year, the FAR Council issued a proposed rule to implement the Controlled Unclassified Information (CUI) Program as it relates to federal contracts. The proposed rule is "just one element of a larger strategy to...more

White & Case LLP

What’s New – FAR Council Publishes Proposed Rules Concerning CUI and OCIs

White & Case LLP on

On January 15, 2025, the Federal Acquisition Regulatory Council (FAR Council) proposed two significant rule changes that could reshape compliance obligations for government contractors: one establishing standardized...more

Sheppard Mullin Richter & Hampton LLP

At Long Last – The FAR CUI Rule is Here! 

Sheppard Mullin Richter & Hampton LLP on

The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more

Wiley Rein LLP

FAR Council Unveils Long-Anticipated Rule for Controlled Unclassified Information

Wiley Rein LLP on

WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more

Blank Rome LLP

The FAR Council Publishes Long-Awaited CUI Rule

Blank Rome LLP on

On January 15, 2025, the Federal Acquisition Regulation (“FAR”) Council issued its long-awaited “CUI Rule.” CUI, or Controlled Unclassified Information, is information that the government creates or possesses, or that an...more

Bradley Arant Boult Cummings LLP

The Pentagon Finalizes Sweeping Cybersecurity Rules for DOD Contractors

Bradley Arant Boult Cummings LLP on

On October 11, 2024, the United States Department of Defense (DOD) published a final rule implementing its Cybersecurity Maturity Model Certification (CMMC) program, which is designed to verify that defense contractors are...more

BakerHostetler

(Cyber)Security Theater 101 - Georgia Tech, a Teachable Moment

BakerHostetler on

On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more

Bass, Berry & Sims PLC

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

Bass, Berry & Sims PLC on

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

Bass, Berry & Sims PLC

The United States Intervenes in its First False Claims Act Cybersecurity Case

Bass, Berry & Sims PLC on

The United States notified the U.S. District Court for the Northern District of Georgia that it plans to intervene in a False Claims Act case filed against Georgia Tech Research Corporation (Georgia Tech) by its Associate...more

Wiley Rein LLP

Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification

Wiley Rein LLP on

In this episode, Wiley partners Gary Ward, Tracye Howard, and Craig Smith examine the ongoing developments related to implementation of the Cybersecurity Maturity Model Certification (CMMC) program. They discuss the current...more

Sheppard Mullin Richter & Hampton LLP

DoD IG Report Provides Insight Into Common Missteps When Protecting CUI

Sheppard Mullin Richter & Hampton LLP on

On November 30, 2023, the Inspector General of the Department of Defense (“DoD IG”) released a Special Report: Common Cybersecurity Weaknesses Related to the Protection of DoD Controlled Unclassified Information on Contractor...more

Pillsbury Winthrop Shaw Pittman LLP

DHS Implements New Security and Privacy Measures for Controlled Unclassified Information

Pillsbury Winthrop Shaw Pittman LLP on

The Department of Homeland Security amended its regulations due to the urgent need to protect Controlled Unclassified Information. On June 21, 2023, the Department of Homeland Security (DHS or Department) issued a final...more

PilieroMazza PLLC

DHS Updates Cybersecurity Regulations Clarifying Old and New Obligations

PilieroMazza PLLC on

The Department of Homeland Security (DHS) recently released a final rule (Final Rule), effective July 21, 2023, updating the Homeland Security Acquisition Regulation (HSAR) to include cybersecurity provisions aimed at...more

Bradley Arant Boult Cummings LLP

DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

Bradley Arant Boult Cummings LLP on

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more

Sheppard Mullin Richter & Hampton LLP

NIST Releases Initial Public Draft of NIST SP 800-171, Revision 3 for Protection of Sensitive Government Information

Sheppard Mullin Richter & Hampton LLP on

The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more

Ankura

[Webinar] CMMC – Practical Solutions to Managing and Securing CUI Data, Perspectives of a Foreign Defense Contractor - November...

Ankura on

Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more

Wilson Sonsini Goodrich & Rosati

DoD to Contracting Officers: Demand Compliance and Seek Consequences for Material Breaches of Cybersecurity Requirements by...

Wilson Sonsini Goodrich & Rosati on

On June 16, 2022, the Department of Defense (DoD) issued a memorandum to its contracting officers emphasizing their obligation to monitor compliance by DoD contractors with the cybersecurity requirements of their contracts....more

Wiley Rein LLP

DOD Suspends CMMC Version 1.0 and Charts a New Course With “CMMC 2.0”

Wiley Rein LLP on

WHAT: On November 4, 2021, the U.S. Department of Defense (DOD) announced the completion of a months-long internal review and significant changes to the strategic direction of its Cybersecurity Maturity Model Certification...more

Society of Corporate Compliance and Ethics...

Marti Arvin and Anthony Buenger on the CMMC Framework

Society of Corporate Compliance and Ethics... on

America’s data is under attack. Solar Winds and other recent headline-grabbing stories have demonstrated that foreign adversaries are eager to hack into computer systems for a wide range of purposes. The US Department of...more

NAVEX

CMMC Is Coming: How Government Contractors Can Prepare

NAVEX on

People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more

Pillsbury Winthrop Shaw Pittman LLP

Congress Requires Foreign Ownership Disclosures for Federal Government Tenancies of “High-Security Leased Spaces”

Pillsbury Winthrop Shaw Pittman LLP on

Federal government lessees seeking to occupy high-security spaces in foreign-owned buildings will be required to obtain complete beneficial ownership and impose access restrictions on owners and property managers. The...more

Sheppard Mullin Richter & Hampton LLP

NIST Proposes Draft Enhanced Security Requirements for Protecting CUI

Sheppard Mullin Richter & Hampton LLP on

NIST recently released the final public draft of SP 800-172, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171 (formerly Draft NIST SP...more

Bass, Berry & Sims PLC

DoD’s Recently Released Draft Framework Signals Significant Changes in Cybersecurity Requirements

Bass, Berry & Sims PLC on

A major shift in cybersecurity requirements for Department of Defense (DoD) contractors is about to come into effect—earlier this month the DoD released for public comment the long-anticipated Version 0.4 of the draft...more

Bass, Berry & Sims PLC

Vulnerable Systems: Contractor Protection of Controlled Unclassified Information at Risk

Bass, Berry & Sims PLC on

The Department of Defense (DoD) Inspector General recently issued a report summarizing the findings of an audit into the protection of Controlled Unclassified Information (CUI) on contractor networks. Based on an in-depth...more

47 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide