Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
The Department of Justice’s (DOJ) final rule implements President Biden’s Executive Order 14117 of February 28, 2024, on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
A groundbreaking new regulatory regime, imposing rules unlike any in existing U.S. law, may surprise many companies due to its sudden adoption and complexity. This article tries to simplify the changing regulatory landscape,...more
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more
The rule imposes substantial new diligence, reporting, cybersecurity, and auditing obligations on companies. On December 27, 2024, the U.S. Department of Justice (“DOJ”) issued a final rule implementing Executive Order...more
The U.S. Department of Justice (DOJ) has issued a comprehensive final rule (the "Rule") targeting foreign access to sensitive U.S. data, including Americans' "bulk" sensitive personal data....more
The U.S. remains on course to restrict a broad range of cross border data transfers to China, Russia, and other designated countries. On October 21, 2024, the Department of Justice (DOJ) issued a Notice of Proposed Rulemaking...more
On February 28, 2024, President Biden signed Executive Order 14117 (the EO), on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The United...more
2024 is shaping up to be a very active year for regulatory and enforcement developments in the healthcare industry – developments that concern not just hospitals and nursing facilities, but many non-healthcare companies as...more
On February 28, 2024, President Biden announced that he was issuing an Executive Order (the "EO") directing the promulgation of regulations to limit the dissemination of "bulk sensitive personal data" and "United States...more
The Cybersecurity and Infrastructure Security Agency (CISA) has released a revised draft of its Secure Software Development Attestation Common Form ("Form"). The Form, once finalized, will obligate vendors providing software...more
The Federal Acquisition Regulation (FAR) Council has proposed two new cybersecurity rules that would impose significant obligations and risks for federal government contractors. The proposed rules impose substantial cyber...more
Amid the escalating conflict in Ukraine and concerns of Russian cyber threats to the United States, President Joe Biden recently signed a $1.5 trillion government spending deal with serious cybersecurity reporting obligations...more
Key Points - On October 6, 2021, the DOJ announced two new initiatives: the Civil Cyber-Fraud Initiative and the National Cryptocurrency Enforcement Team. The Civil Cyber-Fraud Initiative will fight rising cyber threats...more