Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
FCC Solicits Comment on Amending Accessibility Rules for IVCS: In this Further Notice of Proposed Rulemaking (FNPRM) the Federal Communications Commission (FCC or Commission) requests further comment on whether to amend its...more
On January 15, 2025, the Federal Acquisition Regulatory Council (FAR Council) proposed two significant rule changes that could reshape compliance obligations for government contractors: one establishing standardized...more
Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more
The National Institute of Standards and Technology (NIST) is seeking comments to improve its Cybersecurity Framework, “Framework for Improving Critical Infrastructure Cybersecurity” (Request for Information available here)....more
Over the last several years, the Federal Communications Commission (FCC) has been taking a more active role both in anticipating the need for ever greater communications network security measures necessary to counter threats...more
Key Wireless Deadlines- NIST Requests Comment on Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight: The National Institute of Standards and Technology (NIST) seeks comment on Draft NISTIR...more
The National Institute of Standards and Technology (NIST) issued a request for public comment to help guide the development of the current and future state of technology in eight emerging technology areas. Those areas include...more
Key Wireless Deadlines - CISA Seeks Comment on its Zero Trust Maturity Model: The Cybersecurity and Infrastructure Security Agency (CISA) requests comment on its draft Zero Trust Maturity Model. This draft publication is...more
Recently, the National Institute of Standards and Technology (NIST) requested comments to its Resource Guide for implementing the HIPAA Security Rule. (i.e., SP 800-66). This Guide, first released in 2008, summarizes the...more
The National Institute of Standards and Technology has issue a set of draft principles for “explainable” artificial intelligence and is accepting comments until October 15, 2020. The authors of the draft principles outline...more
The FTC recently released its annual privacy and security report, providing a snapshot of the issues focused on in the previous year. These reports are often looked at as a signal for insights into the agency’s upcoming...more
In a release aptly labeled “A Starting Point for IoT Device Manufacturers” the National Institute of Standards and Technology (NIST), an arm of the Department of Commerce, recently added to the discussion with the...more
The Food & Drug Administration has recently released for comment a draft expansion of guidance regarding Content of Premarket Submissions for Management of Cybersecurity in Medical Devices. Although the FDA issued existing...more
The National Institute of Standards and Technology (NIST) is responsible for developing information security standards and guidelines—including minimum requirements for federal information systems. At the end of February,...more
We consistently comment about the importance of educating the next generation of students on cybersecurity. The earlier the better, as far as I am concerned-as early as the third grade. There is a dearth of cybersecurity...more
The National Association of Insurance Commissioners (NAIC) Cybersecurity Task Force released a revised draft of the Insurance Data Security Model Law (Model Law) last week. The Model Law’s goal is to “establish exclusive...more
The National Institute of Standards and Technology (NIST) announced last week that it is seeking comments on its draft publication “Recommendation for the Entropy Sources Used for Random Bit Generation.” What does this mean...more
The National Institute of Standards and Technology has announced that due to stakeholder feed-back, the period to submit comments for the draft guide, “Securing Electronic Health Records on Mobile Devices” has been extended...more
On July 22, the National Cybersecurity Center of Excellence (“NCCoE”), a U.S. government organization formed in 2012 within the National Institute of Standards and Technology (“NIST”), released a draft Cybersecurity Practice...more