Photo of Evan D. WolffPhoto of Kate M. Growley, CIPP/G, CIPP/USPhoto of Maida Oringher LernerPhoto of Payal NanavatiPhoto of Michael G. Gruden, CIPP/G

The National Institute of Standards and Technology (NIST) recently published a draft special publication titled Systems Security Engineering: Resiliency Considerations for the Engineering of Trustworthy Secure Systems (Volume 2), which provides guidance to professionals responsible for the activities and tasks related to the system life cycle processes in NIST’s flagship publication, NIST Special Publication 800-160

Photo of Peter J. Eyre

This week’s episode covers bid protest, debriefing, and cybersecurity news, and is hosted by partners David Robbins and Peter Eyre. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without.

Listen

Photo of Peter J. Eyre

This week’s episode covers budget news, the Brand memo, and cybersecurity news, and is hosted by partners Peter Eyre and David Robbins. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without.

Photo of Peter J. Eyre

This week’s episode covers False Claims Act items, GAO protests, and cybersecurity and is hosted by partners Peter Eyre and David Robbins. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without.

Photo of Kate M. Growley, CIPP/G, CIPP/US

As defense contractors continue to push towards their end-of-year implementation deadline for NIST SP 800-171 under DFARS 252.204-7012, the National Institute of Standards & Technology (NIST) has given the contracting community some extra time to respond to a draft publication that outlines how they and their customers alike can assess compliance with the security standard. 

Photo of Peter J. Eyre

We are still accepting questions for Ask Us Anything! Have questions you’d like answered anonymously? Want our thoughts in general on a particular topic? Send in questions and we’ll do our best to feature them in a future podcast. Email your questions to David at drobbins@crowell.com. Disclaimer: we cannot give legal advice unless and

Photo of Paul M. Rosen

This week it was reported that Indian police arrested four people accused of leaking a pre-release episode of the blockbuster HBO show, “Game of Thrones.”  The leak is supposedly the result of employees from a Mumbai-based company that stores and processes the series for the Indian streaming website Hotstar.

These arrests—which appear unrelated to the recent and well-publicized corporate hack of HBO—underscore the challenges that businesses operating around the world face in safeguarding their intellectual property in the supply chain.  Many corporations rely on third party vendors to deliver their business services and products—in this instance television content—around the world.  Yet, the security capabilities of these vendors varies widely, which is why companies can and should take key steps to protect their sensitive information as they share it with these third parties.

The two primary threats that third party vendors pose to companies are: (1) ensuring strong cybersecurity protections to mitigate the chance of a damaging hack; and (2) minimizing the chance of theft of sensitive business information by insiders with access.  To address these concerns, companies should consider the following.


Continue Reading Risks Posed by Third Party Vendors Increasingly a Challenge for Businesses

Photo of Paul M. RosenPhoto of Nimrod AviadPhoto of Christopher D. Garcia

Can U.S. law enforcement reach data stored oversees by using a warrant under the Stored Communications Act, 18 U.S.C. § 2701, et seq.?  Until the Supreme Court decides the issue, which may happen next term, the answer is: it depends where the government applied for the warrant.

Over the last few years, U.S.-based technology companies have been increasingly resisting warrants under the Stored Communications Act for data those companies store oversees.  These warrants, they claim, represent an extraterritorial application of the law, which Congress has never permitted.

Traditionally, if the government has probable cause to believe that a person’s email account contains evidence of a crime, and a federal magistrate judge agrees, a warrant would issue directing the email service provider­ to turn over those emails to the government.  But data is increasingly stored in the “cloud.”  And, as it turns out, the “cloud” consists of server farms located all over the world.  Companies like Microsoft, Google, Amazon, Facebook, and Apple now host large quantities of data abroad, raising complicated jurisdictional questions.


Continue Reading DOJ Asks Supreme Court to Resolve Split Over Its Ability to Compel Foreign Records

Photo of Peter J. Eyre

Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without. This latest edition is hosted by partners Peter Eyre and David Robbins and includes updates on DoD’s plan to implement the 2017

Photo of Peter J. EyrePhoto of Olivia Lynch

Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without. This latest edition is hosted by partner Peter Eyre and counsel Olivia Lynch and includes updates on GAO reports on cybersecurity, a