Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
In May 2024, the National Institute of Standards and Technology (NIST) published Special Publication 800-171 Rev 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, and the accompanying...more
In May, the National Institute of Standards and Technology (NIST) issued updated recommendations for security controls for controlled unclassified information (CUI) that is processed, stored or transmitted by nonfederal...more
The National Institute of Standards and Technology (NIST) released the third revision of its Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations." This...more
As a lawyer working in a firm with a sophisticated legal team providing robust regulatory, government contract, and cybersecurity services, our Christmas present and holiday reading arrived early with the publication of the...more
In today’s digital landscape, organizations face numerous cybersecurity threats that can compromise their valuable digital assets, including their data, IT infrastructure, networks, software, and intellectual property (IP)....more
Hollywood is full of them. And unless you are trapped on the Planet of the Apes, caught on the 3:10 to Yuma, or running from Godzilla, you’ve probably seen a movie reboot or two over the past two decades. The term generally...more
Anyone who has been closely following the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program knows the effort has experienced a fair number of complications and delays...more
The Department of Defense (DOD) recently announced several changes to its Cybersecurity Maturity Model Certification program. The program applies to those who serve as contractors and suppliers to the DOD. As described in our...more
People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more
The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to their current cybersecurity practices. Additionally, the...more
The Department of Defense (DoD) recently published an interim rule that sets forth its Cybersecurity Maturity Model Certification (CMMC) program plan, as well as new requirements for a “NIST SP 800-171 DoD Assessment...more
From the comfort of your own home office, join us at ACI's virtual Annual Advanced Forum on DCAA & DCMA Cost, Pricing, Compliance & Audits taking place on August 25-26, 2020 which addresses the latest developments on business...more
What is CMMC? CMMC is a unified cybersecurity standard and certification program for all U.S. Department of Defense (DoD) contractors. On January 31, 2020, DoD’s Office of the Under Secretary of Defense for Acquisition &...more
January 2020 was a very important month for DOD’s Cybersecurity Maturity Model Certification (CMMC) initiative. Last week, on January 31, 2020, DOD issued CMMC “Version 1.0” to the public....more
- DoD has released the final version of the CMMC framework. - DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more
On January 30, the US Department of Defense (DoD) released version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) framework, which will require DoD contractors and subcontractors to obtain third-party...more
2019 has been a year of pivotal developments for defense contractors in the realm of cybersecurity compliance. The Department of Defense (DoD) issued six guidance memoranda to assist its acquisition personnel in developing...more
Last month we reported on the Department of Defense’s (DoD’s) issuance of Version 0.6 of its draft Cybersecurity Maturity Model Certification (CMMC) standard. That draft included DoD updates and revisions to CMMC’s domains,...more
The Department of Defense (DoD) is planning to release Volume 1.0 of the Cyber Maturity Model Certification (CMMC) framework, which will affect the award and continued performance of all DoD contracts. In response to the...more
The Situation: The United States government has been ramping up its efforts to protect sensitive data and is making clear it expects its contractors to protect data they receive and create. According to a recent Inspector...more