Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. How this sweeping order will fare under the Trump Administration is difficult to...more
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more
On January 16, 2025, President Joe Biden issued the “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” a comprehensive directive designed to address the growing complexity and...more
On January 16, 2025, President Biden issued Executive Order 14144 on Strengthening and Promoting Innovation in the Nation’s Cybersecurity (the “EO”). Building on prior initiatives such as Executive Order 14028 and the...more
In this episode of "Regulatory Phishing," Government Contracts and Cybersecurity attorney Eric Crusius delves into the latest developments from the Cybersecurity Maturity Model Certification (CMMC) program, National Institute...more
In March 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released the final version of its secure software development self-attestation common form (Form), requiring federal government contractors who...more
The Federal Acquisition Regulation (FAR) Council has proposed two new cybersecurity rules that would impose significant obligations and risks for federal government contractors. The proposed rules impose substantial cyber...more
On June 9, 2023, the White House Office of Management and Budget (OMB) issued Memorandum M-23-16, which delays implementation of a key secure software attestation requirement. The delay was necessary because the Cybersecurity...more
As contemplated by PilieroMazza’s recent blog, the Cybersecurity and Infrastructure Security Agency (CISA) released a notice and request for comments on a new requirement for software producers to provide self-attestations...more
While the DoD charts a path forward on CMMC, the USG is emphasizing the need to comply with existing cyber obligations in government contracts and taking steps to enforce compliance with those obligations. The June 16 Memo...more
A bipartisan group of 14 United States senators recently introduced proposed legislation that would require federal contractors and operators of critical infrastructure to disclose any cyber intrusion within 24 hours...more
The legislation would require all federal contractors to report potential and actual cybersecurity incidents to the Department of Homeland Security. The Act would impose a 24-hour reporting requirement on federal...more
On May 12, 2021, President Biden signed a sweeping Executive Order (EO) to protect federal government networks and software supply chains against increasing threats of attacks from malicious cyber actors, setting the stage...more
Federal contractors face confusion and uncertainty over whether their companies and employees performing under federal contracts are exempted from the various restrictions in the recent state-issued “stay at home” orders...more