Summer Strategies for Work Success
The Classification of Gasoline & Gasoline Fumes as a Carcinogen: Considerations for Corporate Executives & Attorneys
Understanding the DOJ's Recent Corporate Enforcement Policy Changes
The Trend of Threatening Physicians for Personal Gain
Hiring Smarter: Best Practices for Interviews: What's the Tea in L&E?
Workplace ICE Raids Are Surging—Here’s How Employers Can Prepare - #WorkforceWednesday® - Employment Law This Week®
Crafting Effective Flexible Leave Policies for Employers
Episode 373 -- Christian Focacci on Current Developments in AI and Risk Management
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
Work This Way: A Labor & Employment Law Podcast | Episode 48: Opportunities & Risks with Artificial Intelligence in HR with Chingwei Shieh of GE Power
Handling References and Referrals While Safeguarding Your Business
Everything Compliance: Shout Outs and Rants - Episode 155
Daily Compliance News: June 10, 2025, The Ruinous Burdens Edition
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Daily Compliance News: June 9, 2025, The Repugnant Edition
Adventures in Compliance: The Novels: The Sign of Four – Applying Sherlock Holmes’ Methods to Modern Corporate Compliance
Sunday Book Review: June 8, 2025, The Books on AI Governance Edition
Compliance Tip of the Day: Internal Controls for Third Parties
Daily Compliance News: June 6, 2025, The Good Punishment Edition
The Department of Defense (DoD) is revving its engines again—this time to rocket past its own software acquisition drag. Launched via an April 24 memo from Acting DoD CIO Katie Arrington, the DoD’s Software Fast Track (SWFT)...more
Cyber-attacks against America’s defense industrial base are becoming more sophisticated and more frequent. To reduce the risk of sensitive national security information landing in the hands of bad actors, the Department of...more
The Department of Defense (DoD) recently issued a memo titled, "Implementing the Cybersecurity Maturity Model Certification (CMMC) Program: Guidance for Determining Appropriate CMMC Compliance Assessment Levels and Process...more
The Department of Defense (“DOD”) recently issued new guidance outlining how it will determine Cybersecurity Maturity Model Certification (“CMMC”) levels for its solicitations and contracts. Prior to this guidance,...more
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more
Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more
Publications & Advisories - November 2024 – Kathleen Benway, Jennifer Everett, Alysa Austin, and Kristen Bartolotta published “Federal Trade Commission’s Updated Health Breach Notification Rule Is Now in Effect” in Employee...more
Merger and acquisition (M&A) activity is often the lifeblood of corporate growth. While whole treatises can be, and have been, written on cybersecurity and legal challenges during M&A activity, the following are a few key...more
Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more
On August 15, 2024, the Department of Defense (DOD) announced the much-anticipated Proposed Rule that would amend the Defense Federal Acquisition Regulation Supplement (DFARS) to include Cybersecurity Maturity Model...more
In May, the National Institute of Standards and Technology (NIST) issued updated recommendations for security controls for controlled unclassified information (CUI) that is processed, stored or transmitted by nonfederal...more
On May 14, 2024, the National Institute of Standards and Technology (NIST) dropped the third remix…er, revision…of its Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems...more
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps... On December 26, 2023, the US...more
On December 26, 2023, the Department of Defense (“DoD”) belatedly gifted defense contractors and subcontractors a Proposed Rule on the Cybersecurity Maturity Model Certification (“CMMC”) Program. DoD also released eight CMMC...more
The U.S. Department of Defense released a special holiday treat for government contractors and subcontractors last week in the form of long-promised proposed regulations for its Cybersecurity Maturity Model Certification...more
Cybersecurity continues to be top of mind for federal and state policymakers. This advisory identifies and analyzes some major recent developments that present opportunities and challenges in the coming months for a broad...more
Last November, the U.S. Department of Defense (DOD) announced sweeping changes to the Cybersecurity Maturity Model Certification (CMMC) program in a new “version 2.0.” Although we are still awaiting the interim regulations,...more
On December 15, 2021, Congress passed the National Defense Authorization Act (NDAA or Act) for Fiscal Year (FY) 2022, which President Biden is expected to sign into law soon. As usual, the NDAA contains numerous provisions...more
2020 saw the implementation of several game-changing regulations for government contractors. None the least of these were related to DOD’s Cybersecurity Maturity Model Certification (CMMC) and Section 889 of the National...more
Our Privacy, Cyber & Data Strategy Team updates the slow progress of the Cybersecurity Maturity Model Certification and the slower progress of clearing assessment organizations that can actually certify contractors....more
People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more
The cyber insurance market size is currently valued in the billions, and this does not include insurance policies that do not explicitly mention cyber incidents but may nevertheless cover them. With this in mind,...more
Through ADG Insights, we share with you the top legal and political issues affecting the aerospace, defense, and government services (ADG) industry. Our ADG industry team monitors the latest developments to help our clients...more