Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more
The Department of Homeland Security Cybersecurity & Infrastructure Security Agency recently released its Cyber Essentials guide. Consistent with the NIST Cybersecurity Framework, these Cyber Essentials provide “a starting...more
At the close of 2018, the Department of Health and Human Services (HHS) published Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients. While not formally styled as guidance or interpretive...more
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
Cybersecurity risks to the nation's critical infrastructure (CI) – defined as 16 CI sectors, including transportation and maritime – continue to grow exponentially. The incoming Trump Administration has made it clear that...more
Section 405 of Title IV of the Cybersecurity Act is tailored specifically to cybersecurity matters affecting public and private health care entities. Section 405 of Title IV seeks to improve the cybersecurity landscape in...more
State breach notification statutes are being amended on almost a monthly basis. Several laws have, or will soon have, a mandatory notification deadline for notifying affected individuals after the discovery of the incident....more
Is Controlled Unclassified Information Out of Control? The OMB apparently thinks so. On August 11, 2015, the Obama administration, through the Office of Management and Budget (OMB), which is the largest office within the...more
As part of the government’s recent clarion call to improve our individual and collective cybersecurity posture, several federal and state agencies have released a variety of guidelines, frameworks, best practices and tips. ...more
In recognition of the increasing threat that cyber-attacks pose to the state's infrastructure and the considerable costs that government and private sectors are estimated to spend on cyber security (more than $70 billion...more
On February 12, 2013, President Obama signed an Executive Order (the Order) intended to enhance the cybersecurity of the country's critical infrastructure. According to the Order, "[t]he cyber threat to critical...more