Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more
4/21/2025
/ Automated Systems ,
Cloud Computing ,
Cybersecurity ,
Data Security ,
FedRAMP ,
Government Agencies ,
Information Technology ,
NIST ,
OMB ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management
In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more
2/5/2025
/ Biden Administration ,
Cloud Computing ,
Compliance ,
Cybersecurity ,
Data Security ,
Department of Justice (DOJ) ,
Enforcement ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
FedRAMP ,
General Services Administration (GSA) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NIST ,
OMB ,
Software
On June 11, the Federal Communications Commission ("FCC") issued a Report and Order creating the Schools and Libraries Cybersecurity Pilot Program ("Pilot Program") to provide funding for K-12 schools, libraries, and...more
On May 15, the Securities and Exchange Commission adopted amendments to Regulation S-P, which covers broker-dealers, registered investment advisors (RIAs), and investment companies (funds). These entities are now required to...more
5/28/2024
/ Broker-Dealer ,
Customer Information ,
Cybersecurity ,
Data Breach ,
FACTA ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Investment Adviser ,
Investment Companies ,
New Amendments ,
Personal Information ,
Regulation S-P ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
The U.S. Department of Commerce's ("Commerce") Bureau of Industry and Security ("BIS") has issued a proposed rule (the "Proposed Rule") that would impose significant diligence, reporting, and recordkeeping requirements on...more
2/15/2024
/ Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
Cloud Service Providers (CSPs) ,
Cybersecurity ,
IaaS ,
Know Your Customers ,
Machine Learning ,
Patent Infringement ,
Penalties ,
Proposed Rules ,
Reporting Requirements ,
Training ,
U.S. Commerce Department
The Cybersecurity and Infrastructure Security Agency (CISA) has released a revised draft of its Secure Software Development Attestation Common Form ("Form"). The Form, once finalized, will obligate vendors providing software...more
12/1/2023
/ Automation Systems ,
Cybersecurity ,
Department of Justice (DOJ) ,
Executive Orders ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
General Services Administration (GSA) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NIST ,
Noncompliance ,
OMB ,
Risk Assessment ,
Software Developers ,
Supply Chain