Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
Federal contractors, including defense contractors, should prepare for the emergence of new requirements in the coming months that are designed to strengthen software supply chain security, impose more stringent cybersecurity...more
The U.S. Department of Commerce’s National Institute of Standards and Technology (“NIST”) recently announced the publication of three AI guidelines as well as its release of a software package aimed at helping organizations...more
On July 26, 2024, the National Institute for Standards and Technology (“NIST”), part of the Department of Commerce, released guidelines, a global engagement plan, and software covering various aspects of AI technology...more
The U.S. District Court for the Southern District of New York on July 18, 2024, dismissed most of the SEC's landmark cyber enforcement litigation against SolarWinds Corp. (SolarWinds or the Company) and the Company's Chief...more
On February 7, 2024, California State Senator Scott Wiener introduced SB 1047, which is titled the “Safe and Secure Innovation for Frontier Artificial Intelligence Systems Act.” The bill is designed to impose additional due...more
The Cybersecurity and Infrastructure Security Agency (CISA) has released a revised draft of its Secure Software Development Attestation Common Form ("Form"). The Form, once finalized, will obligate vendors providing software...more
As follow-on guidance to Office of Management and Budget’s (OMB) September 14, 2022 memo and the associated Executive Order on Improving the Nation’s Cybersecurity from May 2021, the Cybersecurity and Infrastructure Security...more
The Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS) recently published a draft version of a Secure Software Development Attestation Common Form. The draft Common Form is...more
On April 27, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) issued a Notice of Agency Information Collection Activities to solicit public comments on a...more
As part of the government’s move to “rebalance” responsibilities in cyber, described in the National Cybersecurity Strategy, the United States government on April 13 released a notable document in partnership with several...more
In response to major cyber-related attacks caused by software security flaws, such as the SolarWinds breach, the Biden administration is gearing up to crack down on software providers that distribute products with security...more
On September 14, 2022, the Office of Management and Budget (OMB) issued much-anticipated guidance on the implementation of Secure Software Development Framework (SSDF) requirements for contractors (The “Guidance Memo”)...more
In mid-September, the Office of Management and Budget (OMB) released a memorandum requiring federal agencies to obtain attestation from software developers before running third-party software on government networks. Under...more
Companies providing software to the federal government need to be prepared to attest that their software is NIST (National Institute of Standards and Technology)-compliant within the coming year. On September 14, 2022, the...more
The National Institute of Standards and Technology (NIST) issued a request for public comment to help guide the development of the current and future state of technology in eight emerging technology areas. Those areas include...more
Consumer software providers will soon have the option to label their software as compliant with National Institute of Standards and Technology (NIST) standards for software security. On November 1, 2021, NIST published its...more
On May 12, President Biden signed an Executive Order on Improving the Nation’s Cybersecurity. The order comes on the heels of a number of recent widely reported cybersecurity crises, including the Solar Winds and Microsoft...more
In a release aptly labeled “A Starting Point for IoT Device Manufacturers” the National Institute of Standards and Technology (NIST), an arm of the Department of Commerce, recently added to the discussion with the...more
The National Institute of Standards and Technology (NIST) recently circulated a draft white paper discussing recommended security practices to be adopted throughout the various phases of software development. The white paper...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Evaluates Advances in Face Recognition Software - On November 30, 2018, the National Institute of Standards and Technology ("NIST") published a...more
Manufacturers of wireless devices used for Internet of Things (IoT) applications should take heed of new Trump Administration proposals aimed at reducing the cybersecurity threats from botnets and other automated and...more