Data Retention and Document Holds
Trial by Tech: The Evolution of the Digital Courtroom – Speaking of Litigation Video Podcast
Information Security and ISO 27001
No Password Required: LIVE From Sunshine Cyber Con
Calculating eDiscovery Costs: Tips from Brett Burney
No Password Required: President at Constellation Cyber, Former FBI Translator, and Finder of Non-Magical Mushrooms
Managing Large Scale Review Efficiency: Tips From a GC
DE Under 3: US DOL Inspector General’s Office Report Cites IT Modernization & Security Concerns
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
Podcast: Discussing Information Blocking with Eddie Williams
The Data Center Cooling Conundrum With Leland Sparks - TAG Infrastructure Talks Podcast
[Podcast] TikTok off the Clock: Navigating the TikTok Ban on Devices for Government Contractors
Everything Dynamic Everywhere: Managing a More Collaborative Microsoft 365
Law Firm ILN-telligence Podcast | Episode 62: Pierre Hurt, Lutgen & Associes | Luxembourg
ATL1, Atlanta Infrastructure and More With Brandon Peccoralo of Databank - TAG Infrastructure Talks Podcast
Expanded Information Block Rules Go into Effect
5 Key Takeaways | Current Perspectives Around the Convergence of Life Sciences and IT
No Password Required: A Child of the 1980s With a Knack for Storytelling, Comedic Timing, and Building an Elite Cybersecurity Team
Changing Hands: Keys To Downstream M&A IT Integration
Mia Reini and Monica Lopez Reinmiller on a Risk-Based Approach to Managing Employee Hotlines
Government efforts to enforce cybersecurity control requirements have moved forward in the opening months of the Trump administration. Regardless of the changes coming to other areas of contracting and the Federal Acquisition...more
Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more
Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more
WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more
In today's digital landscape, robust password management is critical to information security. With the increasing complexity of cyber threats, ensuring secure access to sensitive information has become more critical than...more
Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more
As discussed in a previous post, in 2022, the Quantum Computing Cybersecurity Preparedness Act ordered an examination of federal administrative agencies' data cryptography to prepare for a future where quantum computing is...more
So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more
Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more
...As the world grapples with the rapid advancement of artificial intelligence (AI) technologies, concerns about the potential risks and unintended consequences have understandably taken center stage. While some advocate for...more
The proliferation of cybersecurity regulations has the White House and Congress calling for harmonization to streamline regulations, focus on reciprocity, and decrease compliance costs. Senator Gary Peters (D-MI), chair of...more
Companies, particularly those in “critical infrastructure” sectors, have seen a dramatic increase in cybersecurity regulatory requirements in just the past few years – and the White House is looking to move faster. At the...more
On April 30, 2024 the White House updated the foundational U.S. government policy that defines critical infrastructure (CI) sectors and establishes a coordination structure within the federal government to support owners and...more
In March 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released the final version of its secure software development self-attestation common form (Form), requiring federal government contractors who...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
The United States Department of Defense (“DoD”) recently published its Defense Industrial Base Cybersecurity Strategy 2024. For context, the DIB is comprised of more than 100,000 domestic and foreign companies or...more
The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more
On October 30, 2023, the US Securities and Exchange Commission ("SEC") announced that it filed charges against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer ("CISO") in connection...more
The SEC on Oct. 30, 2023, filed a landmark cybersecurity enforcement action against SolarWinds Corp. (SolarWinds) and the company's current Chief Information Security Officer (CISO) Timothy Brown. The SEC's complaint alleges...more
In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more
The Federal Acquisition Regulatory (FAR) Council on Oct. 3, 2023, issued two proposed rules to partially implement President Biden's Executive Order on Improving the Nation's Cybersecurity. The first proposed rule imposes...more
With scams evolving and growing in volume and maturity, it is more important than ever before to be vigilant about what information is available to nefarious actors. This article provides common scam scenarios, tips for...more
As modern companies are increasingly adopting AI systems to automate and augment their businesses, many legal and compliance departments have cautioned against fully embracing this new and untested technology. Successful...more
The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more
On March 2, 2023, the Biden Administration released its National Cybersecurity Strategy. The Strategy represents the latest push by the Administration to focus on cybersecurity concerns, following the release of Executive...more