News & Analysis as of

Cybersecurity Regulatory Requirements National Institute of Standards and Technology

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Alston & Bird

DOJ Settles False Claims Act Case with MORSECORP Over Cybersecurity Program

Alston & Bird on

On March 26, 2025, the United States Department of Justice (DOJ) announced that it had reached an agreement with MORSECORP Inc. (MORSE) to settle alleged violations of the False Claims Act (FCA), specifically regarding...more

Ropes & Gray LLP

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Ropes & Gray LLP on

The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more

McCarter & English Blog: Government Contracts...

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Cohen Seglias Pallas Greenhall & Furman PC

Cybersecurity Enforcement: The More Things Change, The More They Stay the Same

Cohen Seglias Pallas Greenhall & Furman PC on

Despite a change in administrations, the government’s vigilance and enforcement of cybersecurity requirements have not missed a beat. On March 14, 2025, MORSECORP, Inc. of Cambridge, MA resolved allegations that it had...more

Davis Wright Tremaine LLP

FedRAMP 20x Initiative Promises Major Changes for Federal Cloud Service Providers

Davis Wright Tremaine LLP on

Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more

Fox Rothschild LLP

Government Contractors Beware: Failure to Comply with DOD Cybersecurity Requirements Can Trigger Civil FCA Liability

Fox Rothschild LLP on

The Department of Justice (DOJ) recently reached a $4.6 million civil False Claims Act (FCA) settlement with MORSECORP, Inc. (MORSE) arising out of allegations that the company failed to comply with Department of Defense...more

Ice Miller

As the Department of Justice Affirms and Advances Its Cyber-Fraud Initiative, Government Contractors Should Take Steps to Ensure...

Ice Miller on

While some areas of white-collar enforcement have been deprioritized by the Trump Administration, the Department of Justice (DOJ) remains committed to its Civil Cyber-Fraud Initiative as demonstrated by two recent False...more

Mintz - Privacy & Cybersecurity Viewpoints

DOJ: ‘False Claims Act + Cybersecurity’ Is Here To Stay

Mintz - Privacy & Cybersecurity Viewpoints on

Amid ongoing policy shifts in Washington, the federal government’s interest in pursuing civil cyber-fraud cases appears to be here to stay. In October 2021, the Department of Justice (DOJ) initiated its Civil Cyber-Fraud...more

J.S. Held

2025 J.S. Held Global Risk Report: Managing Cyber Risk

J.S. Held on

Cyber incidents such as the 2024 event involving Change Healthcare, which compromised the personal information of over 100 million people, highlight the evolving nature of cyber threats – increasingly becoming risk management...more

Goodwin

Crossing Administrations: The Focus on Federal Cybersecurity Continues

Goodwin on

Federal contractors, including defense contractors, should prepare for the emergence of new requirements in the coming months that are designed to strengthen software supply chain security, impose more stringent cybersecurity...more

Wiley Rein LLP

Wireless Roundup (March 2025)

Wiley Rein LLP on

FCC Solicits Comment on Amending Accessibility Rules for IVCS: In this Further Notice of Proposed Rulemaking (FNPRM) the Federal Communications Commission (FCC or Commission) requests further comment on whether to amend its...more

Husch Blackwell LLP

The Proposed Rule to Amend FAR Guidance on Safeguarding CUI – Care to Comment?

Husch Blackwell LLP on

The FAR Council issued a proposed rule that would amend the several FAR provisions and add new clauses to provide guidance on the safe handling of CUI. Public comments on the proposed rule are being accepted until March 17,...more

Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Holland & Knight LLP

FAR Council Proposes Compliance with NIST SP 800-171 for Non-Defense Contractors

Holland & Knight LLP on

Earlier this year, the FAR Council issued a proposed rule to implement the Controlled Unclassified Information (CUI) Program as it relates to federal contracts. The proposed rule is "just one element of a larger strategy to...more

Sheppard Mullin Richter & Hampton LLP

FedRAMP Releases New Draft Authorization Boundary Guidance

Sheppard Mullin Richter & Hampton LLP on

Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more

Wiley Rein LLP

FAR Council Unveils Long-Anticipated Rule for Controlled Unclassified Information

Wiley Rein LLP on

WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more

Woods Rogers

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

Schwabe, Williamson & Wyatt PC

DoD Contractors: It’s Go Time for CMMC

Schwabe, Williamson & Wyatt PC on

On December 16, the U.S. Department of Defense’s Cybersecurity Maturity Model Certification Program (CMMC) final rule (the “CMMC Program Rule”) will become effective, to codify the CMMC requirements and assessment processes....more

Skadden, Arps, Slate, Meagher & Flom LLP

Developing and Using AI Require Close Monitoring of Risks and Regulations

Skadden, Arps, Slate, Meagher & Flom LLP on

As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes....more

Perkins Coie

Cybersecurity for Lawyers: The NIST Cybersecurity Framework as a Tool and Reference

Perkins Coie on

In this post in our series on basic cybersecurity concepts for lawyers (see here and here for prior posts), we delve into the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0, which is a...more

Skadden, Arps, Slate, Meagher & Flom LLP

How Defense Contractors Can Prepare Now for CMMC Implementation

Skadden, Arps, Slate, Meagher & Flom LLP on

The Department of Defense (DoD) is currently reviewing and adjudicating the public comments received in response to its proposed regulations implementing its Cybersecurity Maturity Model Certification 2.0 program (CMMC)....more

Spilman Thomas & Battle, PLLC

Decoded Technology Law Insights, V 5, Issue 4, May 2024

Spilman Thomas & Battle, PLLC on

MIT Report Details New Cybersecurity Risks - “Cloud misconfigurations, more sophisticated ransomware, and vendor exploitation attacks are contributing to rising cyberattacks.” Why this is important: Worldwide spending...more

Sheppard Mullin Richter & Hampton LLP

NIST Updates AI RMF as Mandated by the White House Executive Order on AI

Sheppard Mullin Richter & Hampton LLP on

We have now reached the 180-day mark since the White House Executive Order (EO) on the Safe, Secure and Trustworthy Development of AI and we are seeing a flurry of mandated actions being completed. See here for a summary of...more

Faegre Drinker Biddle & Reath LLP

NIST Releases Cybersecurity Framework 2.0

Faegre Drinker Biddle & Reath LLP on

On February 26, 2024, the National Institute of Standards and Technology (NIST) released the NIST Cybersecurity Framework 2.0 (CSF 2.0). CSF 2.0 represents the first major update to the Cybersecurity Framework, which was...more

Jenner & Block

Client Alert: NIST Cybersecurity Framework 2.0 Released

Jenner & Block on

On February 26, 2024, the National Institute of Standards and Technology (NIST), an agency within the U.S. Department of Commerce, released Version 2.0 of its Cybersecurity Framework (CSF), the first major update since its...more

34 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide