FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
"Monsters Inc." y el tratamiento de los datos
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
AI Discrimination and Emerging Best Practices – Part 2 - The Good Bot Podcast
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
The recent National 8(a) Small Business Conference underscored pressing challenges and critical updates regarding the Cybersecurity Maturity Model Certification (CMMC) Program, now in an advanced phase known as CMMC 2.0. The...more
The Department of Defense (“DOD”) recently issued new guidance outlining how it will determine Cybersecurity Maturity Model Certification (“CMMC”) levels for its solicitations and contracts. Prior to this guidance,...more
On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more
Welcome to this month’s issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security, & Data Protection practice....more
Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more
To kick off the New Year, Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2023 Recap (including links to all of the resources the team has put out over the...more
Learning Objectives - What is CMMC and should I care? - Cybersecurity is crucial for compliance in any company - Is NIST 800-171 (The CMMC Framework) worth employing? - Thoughts and observations from the field...more
Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity...more
Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more
STATE AND LOCAL LAWS AND REGULATION - Virginia Consumer Data Protection Act Work Group Issues Final Report - The Virginia Consumer Data Protection Act Work Group (“Work Group”) released its final report. The Virginia...more
The Canadian Institute’s 11th Annual Forum on U.S. Export & Re-Export Compliance for Canadian Operations will take place in Toronto on January 25–27! IN-PERSON and LIVESTREAM options available. Over the last decade, this...more
WHAT: On November 4, 2021, the U.S. Department of Defense (DOD) announced the completion of a months-long internal review and significant changes to the strategic direction of its Cybersecurity Maturity Model Certification...more
On October 6, 2021, the U.S. Department of Justice (“DOJ”) announced a new Civil Cyber-Fraud Initiative to pursue cybersecurity fraud matters using the enforcement mechanisms of the False Claims Act (“FCA”). This...more
The Department of Justice (“DOJ”) recently announced a new Civil Cyber-Fraud Initiative (the “Initiative”) that will use the False Claim Act (“FCA”) to pursue contractors and grant recipients that knowingly...more
On October 6, 2021, the U.S. Department of Justice (DOJ) announced an initiative to pursue civil False Claims Act (FCA) enforcement actions against government contractors that knowingly fail to follow required cybersecurity...more
On January 5, 2020, President Trump signed into law H.R. 7898. This new statute amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Department of Health and Human Services...more
The Cybersecurity Maturity Model Certification (CMMC) Advisory Board (CMMC AB) made a major announcement on September 16, 2020, announcing that it has trained an initial group of provisional assessors....more
The Department of Defense’s (DOD) Cybersecurity Maturity Model Certification (CMMC) requirements are coming, impacting DOD contractors big and small. This important new certification, if responded to proactively, will help...more
Last week we reported on developments in the Department of Defense (DoD) efforts to implement enhanced Defense Industrial Base cybersecurity requirements. ...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - Cybersecurity Standards Issued for Government Contractors - On January 31, the Office of the Under Secretary of Defense for Acquisition and...more
Now that DOD has released the final version of the Cybersecurity Maturity Model Certification (CMMC) guidelines, all contractors that work directly or indirectly on Department of Defense (DOD) contracts should be preparing to...more
- DoD has released the final version of the CMMC framework. - DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more
On January 16, 2020, the National Institute of Standards and Technology (NIST) issued its NIST Privacy Framework Version 1.0 (Privacy Framework). The Privacy Framework follows the same type of structure as the NIST Framework...more