Photo of Kate M. Growley, CIPP/G, CIPP/USPhoto of Evan D. WolffPhoto of Maida Oringher LernerPhoto of Michael G. Gruden, CIPP/GPhoto of Christopher Hebdon

The National Institute of Standards and Technology (NIST) recently released the final version of NIST Special Publication (SP) 800-172, Enhanced Security Requirements for Protecting Controlled Unclassified Information. Designed to supplement the requirements in NIST SP 800-171—the applicable standard under DFARS 252.204-7012—800-172 provides 35 enhanced security requirements to protect controlled unclassified information (CUI) associated with

Photo of Kate M. Growley, CIPP/G, CIPP/USPhoto of Evan D. Wolff

In this episode, hosts Evan Wolff and Kate Growley talk about what government contractors need to know about advanced persistent threats – or APTs. Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces.

ListenCrowell.com | PodBean | SoundCloud | Apple Podcasts 

Photo of Kate M. Growley, CIPP/G, CIPP/USPhoto of Evan D. Wolff

In this episode, hosts Kate Growley and Evan Wolff talk about the concepts of confidentiality, integrity, and availability in the cybersecurity context. Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces.

ListenCrowell.com | PodBean | SoundCloud | Apple Podcasts 

Photo of Alan W. H. GourleyPhoto of Adelicia R. CliffePhoto of Jana del-CerroPhoto of Caroline Brown

Today, Commerce has published an interim final rule (IR) which, effective March 22, 2021, will implement the May 15, 2019 Executive Order 13873 that relied on the International Emergency Economic Powers Act (IEEPA) to authorize sweeping power to block or undo any transaction – including use, purchases or importation – of virtually any “information and

Photo of Adelicia R. CliffePhoto of Kate M. Growley, CIPP/G, CIPP/USPhoto of Evan D. WolffPhoto of Michael G. Gruden, CIPP/GPhoto of Christopher Hebdon

The Department of Defense (DoD) recently implemented additional procedures for the mitigation of cybersecurity risks in its supply chain. Designed to identify and mitigate cybersecurity and related supply chain risks throughout a program’s lifecycle, DoD Instruction 5000.90, Cybersecurity Acquisition Decision Authorities and Program Managers, requires program managers to:

  • Assess contractors’ cybersecurity posture, including, where

Photo of Jonathan M. BakerPhoto of Adelicia R. CliffePhoto of Kate M. Growley, CIPP/G, CIPP/USPhoto of Laura J. Mitchell BakerPhoto of Michelle Coleman

On January 1, 2021, the 116th Congress enacted the Fiscal Year 2021 National Defense Authorization Act (NDAA), which established, among other things, the National Artificial Intelligence Initiative Act of 2020 (Division E, Title LI, §§ 5101-5106) (hereinafter “the Initiative”), a program to award financial assistance to National Artificial Intelligence Research Institutes (Division E, Title LII,

Photo of Charles BaekPhoto of Jonathan M. BakerPhoto of Adelicia R. CliffePhoto of Stephanie CrawfordPhoto of Peter J. EyrePhoto of Christopher D. GarciaPhoto of Kate M. Growley, CIPP/G, CIPP/USPhoto of Michael G. Gruden, CIPP/GPhoto of J. Chris HailePhoto of Olivia LynchPhoto of Nicole Owren-WiestPhoto of Michael Samuels

On December 11, 2020, Congress presented to President Trump H.R. 6395, National Defense Authorization Act for Fiscal Year 2021. On December 23, 2020, President Trump vetoed the bill. Subsequently, the House voted on December 28, 2020 and the Senate voted on January 1, 2021 to override the veto.

This Act contains numerous provisions that

Photo of Steve McBradyPhoto of Brian Tully McLaughlinPhoto of Lyndsay GortonPhoto of Alexandra Barbee-Garrett

On January 6, 2021, the Administrative Conference of U.S. Courts authorized federal district courts to develop policies for accepting “highly sensitive court documents (HSDs),” which would normally be filed electronically under seal, via paper filing. The statement from the Administrative Conference also acknowledged that the recent cybersecurity attack on SolarWinds products compromised the confidentiality of

Photo of Kate M. Growley, CIPP/G, CIPP/USPhoto of Evan D. Wolff

In this episode, hosts Evan Wolff and Kate Growley talk about what government contractors need to know about the Internet of Things and the recently passed IoT Cybersecurity Improvement Act. Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces.

ListenCrowell.com |