Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
As artificial intelligence (AI) continues to advance rapidly, organizations of all types are seeking to deploy this powerful tool to increase the effectiveness and efficiency of their operations, improve service to their...more
On March 15, 2024, the Bipartisan Senate Artificial Intelligence Working Group (the "AI Working Group")—led by Senate Majority Leader Chuck Schumer (D-N.Y.) and Sens. Mike Rounds (R-S.D.), Martin Heinrich (D-N.M.), and Todd...more
On May 15, 2024, the Senate AI Working Group—Senate Majority Leader Chuck Schumer (D-NY) and Sens. Mike Rounds (R-SD), Todd Young (R-IN), and Martin Heinrich (D-NM)—issued their long-anticipated Roadmap for Artificial...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
“Generative AI” tools – i.e., tools that use artificial intelligence (AI) technology to generate content, such as text, images, and videos – have become increasingly popular. As a result, companies are quickly facing...more
Legislative Update - Defense Federal Acquisition Regulation Supplement: Use of Supplier Performance Risk System (SPRS) Assessments (DFARS Case 2019–D009) DoD issued a final rule amending the DFARS to update the policy...more
Over the span of five months in 2021, our team published a series of articles on how to implement the five core functions of the National Institute of Standards and Technology (NIST) Privacy Framework. We wrote an initial...more
In this fourth installment of five articles centered around the core functions within the National Institute of Standards and Technology (NIST) Privacy Framework, we cover the Communicate function and the corresponding...more
The National Institute of Standards and Technology (NIST) Privacy Framework is a widely known control set used to assist organizations in identifying privacy risks within their business environment and allocating resources to...more
People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
In 2019, cybersecurity has become top-of-mind for most federal government contractors and agencies that share sensitive information. In addition to updated Department of Defense guidance and procedures for evaluating...more
Effective November 2, 2018, companies that suffer a breach may have certain defenses in Ohio if they have a written cybersecurity program in place. Under this new law, companies can use as an affirmative defense the existence...more
Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more