Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
The Department of Justice’s (DOJ) final rule implements President Biden’s Executive Order 14117 of February 28, 2024, on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more
On January 16, 2025, President Biden issued Executive Order 14144 on Strengthening and Promoting Innovation in the Nation’s Cybersecurity (the “EO”). Building on prior initiatives such as Executive Order 14028 and the...more
Organizations face increasingly sophisticated threats that can compromise data and disrupt business operations. This presentation will explore the role that digital forensics plays in an effective incident response plan using...more
In this episode of "Regulatory Phishing," Government Contracts and Cybersecurity attorney Eric Crusius delves into the latest developments from the Cybersecurity Maturity Model Certification (CMMC) program, National Institute...more
On February 28, 2024, President Biden signed Executive Order 14117 (the EO), on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The United...more
In March 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released the final version of its secure software development self-attestation common form (Form), requiring federal government contractors who...more
As governments around the world begin to introduce new frameworks and standards addressing the responsible design, development, deployment and operation of artificial intelligence (AI) systems, chief compliance officers...more
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (UK NCSC), along with partner agencies from 17 nations, have released Guidelines for Secure AI System Development (the...more
The Cybersecurity and Infrastructure Security Agency (CISA) has released a revised draft of its Secure Software Development Attestation Common Form ("Form"). The Form, once finalized, will obligate vendors providing software...more
On day two of Mobile World Congress (MWC), CTIA hosted a panel on “Promoting Security in a 5G World.” The panel discussed ongoing efforts by regulators and the ways that the wireless industry is responding to a changing...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
The Office of the National Cyber Director (ONCD) has extended the deadline to respond to its Request for Information (RFI) seeking public comment on "opportunities for and obstacles to harmonizing" cybersecurity regulations....more
As follow-on guidance to Office of Management and Budget’s (OMB) September 14, 2022 memo and the associated Executive Order on Improving the Nation’s Cybersecurity from May 2021, the Cybersecurity and Infrastructure Security...more
On December 29, 2022, President Biden signed a new statute that will significantly impact medical device cybersecurity regulation. Section 3305 of the Consolidated Appropriations Act of 2023 (“Section 3305”) authorizes the...more
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more
While the DoD charts a path forward on CMMC, the USG is emphasizing the need to comply with existing cyber obligations in government contracts and taking steps to enforce compliance with those obligations. The June 16 Memo...more
We have all read about the high-profile malicious cyber-attacks and ransomware demands and payments. The Colonial Pipeline case demonstrated how responsive law enforcement can be in tracking down perpetrators and recovering...more
Last month, the Office of Management and Budget (OMB) and the Cyber and Infrastructure Security Agency (CISA) released draft guidance to implement a Zero Trust cybersecurity policy government-wide. OMB and CISA are seeking...more
Key Wireless Deadlines - CISA Seeks Comment on its Zero Trust Maturity Model: The Cybersecurity and Infrastructure Security Agency (CISA) requests comment on its draft Zero Trust Maturity Model. This draft publication is...more
In the last several weeks, the Executive and Legislative branches of the United States federal government have taken bipartisan measures to defend the country’s infrastructure from the critical national security threat posed...more
There is a glut of information out there regarding privacy and cybersecurity these days. Our new feature “What We’re Reading” provides a curated list of articles, blogs, newsletters, and books that you may find interesting...more
On May 12, 2021, President Biden signed a sweeping Executive Order (EO) to protect federal government networks and software supply chains against increasing threats of attacks from malicious cyber actors, setting the stage...more
The Department of Homeland Security Cybersecurity & Infrastructure Security Agency recently released its Cyber Essentials guide. Consistent with the NIST Cybersecurity Framework, these Cyber Essentials provide “a starting...more