On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) published an updated Secure Software Development Attestation Form, me...
The Department of Defense (DoD) recently published a memorandum clarifying what it means for a cloud service provider (CSP) to be Federal Risk and Authorization Management Program (FedRAMP) Mod...
CMMC This special edition covers DoD’s proposed rule for the Cybersecurity Maturity Model Certification Program, and is hosted by Peter Eyre, Michael Gruden, and Nkechi Kanu. Crowell & Moring�...
On December 26, 2023, the Department of Defense (DoD) released the highly anticipated proposed rule for the Cybersecurity Maturity Model Certification Program (CMMC), a cybersecurity regulatory...
Almost a decade after the Department of Defense developed rules requiring mandatory reporting of cyber incidents, on October 3, 2023, the Federal Acquisition Regulation (FAR) Council released new...
This week’s episode covers two notable False Claims Act settlements and the White House National Cybersecurity Strategy Implementation Plan, and is hosted by Peter Eyre and Yuan Zhou. Crowell &...
On June 18, 2023, the Biden-Harris administration announced the launch of a new “U.S. Cyber Trust Mark” program (hereinafter the “Program”). First proposed by Federal Communication Commis...
This week’s episode covers a DHS final rule implementing measures to safeguard Controlled Unclassified Information and facilitate improved incident reporting to DHS, a letter from Silicon Valle...
On June 21, 2023, the Department of Homeland Security (DHS) issued a final rule amending the Homeland Security Acquisition Regulation (HSAR) by updating an existing clause (HSAR 3052.204-71) an...
On June 9, 2023, the Office of Management and Budget (OMB) released M-23-16, Update to Memorandum M-22-18, which alters key deadlines and clarifies how agencies and software developers can compl...