Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 241: Fighting Nurse Burnout with Data-Driven Innovation with Dr. Ecoee Rooney of Indicator Sciences
Compliance Tip of the Day: Assessing Internal Controls
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
Multijurisdictional Employers, P2: 2025 State-by-State Updates on Non-Compete/Non-Solicitation Agts
10 For 10: Top Compliance Stories For the Week Ending June 28, 2025
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Episode 30 - Inaugural Episode with Ian Sherr: Compliance Week’s Insights and Reflections from June to July 2025
How International Companies Can Prepare for July 9 Tariffs
The Dark Patterns Behind Corporate Scandals
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Daily Compliance News: June 26, 2025, The? Matt Galvin Honored Edition
Current Regulatory, Legislative, and Litigation Developments on ADA Website Accessibility for Consumer Finance Digital Platforms — The Consumer Finance Podcast
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Legal Shifts in 2025 Put Employer Non-Compete Strategies at Risk - Employment Law This Week® - Spilling Secrets Podcast
Summer Strategies for Work Success
Cyber-attacks against America’s defense industrial base are becoming more sophisticated and more frequent. To reduce the risk of sensitive national security information landing in the hands of bad actors, the Department of...more
The Department of Defense (DoD) recently issued a memo titled, "Implementing the Cybersecurity Maturity Model Certification (CMMC) Program: Guidance for Determining Appropriate CMMC Compliance Assessment Levels and Process...more
The Department of Defense (“DOD”) recently issued new guidance outlining how it will determine Cybersecurity Maturity Model Certification (“CMMC”) levels for its solicitations and contracts. Prior to this guidance,...more
The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more
On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more
Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more
Merger and acquisition (M&A) activity is often the lifeblood of corporate growth. While whole treatises can be, and have been, written on cybersecurity and legal challenges during M&A activity, the following are a few key...more
Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more
On August 15, 2024, the Department of Defense (DOD) announced the much-anticipated Proposed Rule that would amend the Defense Federal Acquisition Regulation Supplement (DFARS) to include Cybersecurity Maturity Model...more
In May, the National Institute of Standards and Technology (NIST) issued updated recommendations for security controls for controlled unclassified information (CUI) that is processed, stored or transmitted by nonfederal...more
On May 14, 2024, the National Institute of Standards and Technology (NIST) dropped the third remix…er, revision…of its Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems...more
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps... On December 26, 2023, the US...more
On December 26, 2023, the Department of Defense (“DoD”) belatedly gifted defense contractors and subcontractors a Proposed Rule on the Cybersecurity Maturity Model Certification (“CMMC”) Program. DoD also released eight CMMC...more
The U.S. Department of Defense released a special holiday treat for government contractors and subcontractors last week in the form of long-promised proposed regulations for its Cybersecurity Maturity Model Certification...more
The Biden Administration released its Fall 2022 regulatory agenda (Regulatory Agenda) on Jan. 4, 2023. In it, the administration outlined regulations aimed at cybersecurity requirements for government contractors, the...more
ACI’s 5th National Forum on FOCI is back IN PERSON this September! Don’t miss the only comprehensive, practical FOCI event of its kind. The Defense Counterintelligence Security Agency (DCSA) is heightening its scrutiny and...more
Last November, the U.S. Department of Defense (DOD) announced sweeping changes to the Cybersecurity Maturity Model Certification (CMMC) program in a new “version 2.0.” Although we are still awaiting the interim regulations,...more
On December 15, 2021, Congress passed the National Defense Authorization Act (NDAA or Act) for Fiscal Year (FY) 2022, which President Biden is expected to sign into law soon. As usual, the NDAA contains numerous provisions...more
2020 saw the implementation of several game-changing regulations for government contractors. None the least of these were related to DOD’s Cybersecurity Maturity Model Certification (CMMC) and Section 889 of the National...more
Our Privacy, Cyber & Data Strategy Team updates the slow progress of the Cybersecurity Maturity Model Certification and the slower progress of clearing assessment organizations that can actually certify contractors....more
People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more
Our blogs and alerts have reported on the increasing legislative and regulatory requirements to promote the security of the U.S. supply chain, including its cybersecurity....more