CISA's proposed rules will require organizations operating in U.S. critical infrastructure sectors to report cyber incidents within 72 hours and ransom payments within 24 hours. ...more
The National Institute of Standards and Technology ("NIST") released a significant update to its framework, expanding its scope and reach to cover a broader audience and evolving cybersecurity risks and management issues....more
The U.S. Government has identified the exploitation of Americans' bulk sensitive personal data and U.S. government-related data by "countries of concern" as posing a national security risk....more
On December 26, 2023, the Department of Defense ("DoD") published a proposed rule to implement the Cybersecurity Maturity Model Certification ("CMMC") 2.0, which will establish comprehensive cybersecurity requirements for...more
On October 30, 2023, President Biden signed a first-of-its-kind executive order entitled, "Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence" ("AI")....more
11/1/2023
/ Algorithms ,
Artificial Intelligence ,
Biden Administration ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Executive Orders ,
Machine Learning ,
Regulatory Reform ,
Security Standards
The United States Patent and Trademark Office, along with the U.S. Departments of State and Commerce, sought initial public comment last week on draft guidelines entitled "International Guiding Principles for Organizations...more
10/31/2023
/ Algorithms ,
Artificial Intelligence ,
Comment Period ,
Copyright ,
Copyright Litigation ,
Cybersecurity ,
Intellectual Property Protection ,
Machine Learning ,
Technology ,
U.S. Commerce Department ,
USPTO
On June 16, the U.S. Department of Commerce published a final rule, effective July 17, 2023, on Securing the Information and Communications Technology and Services ("ICTS") Supply Chain, signaling potential new actions on...more
The OMB has issued memorandum M-22-18 with new security requirements (the "Rules") requiring federal agencies to ensure that all third-party software they use complies with secure software development standards and guidance...more
Regulations will mandate more robust customer identity verification procedures and special measures to combat malicious cyber activities.
On September 24, 2021, the Department of Commerce ("Commerce") published an Advance...more
The U.S. Department of Justice announces an initiative targeting cybersecurity-related fraud by government contractors and grant recipients.
On October 6, 2021, the U.S. Department of Justice ("DOJ") announced a new Civil...more
The U.S. Treasury Department has issued an updated ransomware advisory that highlights sanctions risks associated with ransomware payments and details proactive steps companies can take to mitigate these risks....more
Cybersecurity threats remain a constant concern for every business and organization, regardless of size, location, or industry. The stakes relating to possible litigation, financial repercussions, and reputational risk, are...more
President Biden's Executive Order calls for an extensive reassessment and revamping of the federal government's cybersecurity defenses and incident response capabilities, establishing benchmarks that may inform standards...more
The Situation: On May 12, 2021, President Biden issued an "Executive Order on Improving the Nation's Cybersecurity," which calls for "bold" and extensive action designed to update and standardize requirements and procedures...more
Cybersecurity risk is evolving and expanding. Traditionally, cybersecurity risk has been equated with cyber attacks and associated legal consequences. That risk is undoubtedly real: All internet connected systems remain...more
The General Services Administration ("GSA") is including language regarding cybersecurity requirements in requests for proposals relating to certain IT governmentwide acquisition contracts ("GWACs"). Certain requirements will...more
The Situation: In an October 1, 2020, Advisory, the U.S. Department of the Treasury's Office of Foreign Assets Control ("OFAC") warned that companies that make or facilitate ransomware payments to threat actors who are...more
The Situation: The United States government has been ramping up its efforts to protect sensitive data and is making clear it expects its contractors to protect data they receive and create. According to a recent Inspector...more
10/25/2019
/ Cloud Computing ,
Corporate Counsel ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Popular ,
Supply Chain