FedRAMP, Compliance

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

Sheppard Mullin Richter & Hampton LLP on 4/3/2025

On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more

Analyzing President Biden's Ambitious Cybersecurity Executive Order

Davis Wright Tremaine LLP on 2/5/2025

In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more

FedRAMP Releases New Draft Authorization Boundary Guidance

Sheppard Mullin Richter & Hampton LLP on 1/30/2025

Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

Sheppard Mullin Richter & Hampton LLP on 1/30/2025

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on 1/8/2025

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

The DoD’s CMMC Rule Is Out: What Comes Next?

BakerHostetler on 11/15/2024

On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more

DOJ Continues Crackdown on Cybersecurity Compliance with $1.25M FCA Settlement

Wiley Rein LLP on 10/29/2024

The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more

Policy Patches: An Update on Software Security Regulation

Wiley Rein LLP on 8/15/2024

So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more

FedRAMP Begins to Implement Its Vision: Introducing the Agile Delivery Pilot, Developer’s Hub and Knowledge Management System

BakerHostetler on 8/1/2024

In our recent article, we discussed FedRAMP’s Roadmap to the Future, outlining FedRAMP’s ambitious plan to breathe new life into the FedRAMP program by, among other goals, updating the authorization process and automating key...more

Travis Howerton on Automating Security & Compliance

Thomas Fox - Compliance Evangelist on 7/20/2023

Automation in the compliance arena is becoming increasingly ubiquitous. Yet many of the most significant innovations for automation are not found in the anti-bribery/anti-corruption space but in adjacent spaces. That message...more

FedRAMP › Compliance

"My best business intelligence, in one easy email…"