Photo of Kate M. Growley, CIPP/G, CIPP/US

Kate M. Growley (CIPP/US, CIPP/G) is a director in Crowell & Moring International’s Southeast Asia regional office. Drawing from over a decade of experience as a practicing attorney in the United States, Kate helps her clients navigate and shape the policy and regulatory environment for some of the most complex data issues facing multinational companies, including cybersecurity, privacy, and digital transformation. Kate has worked with clients across every major sector, with particular experience in technology, health care, manufacturing, and aerospace and defense. Kate is a Certified Information Privacy Professional (CIPP) in both the U.S. private and government sectors by the International Association of Privacy Professionals (IAPP). She is also a Registered Practitioner with the U.S. Cybersecurity Maturity Model Certification (CMMC) Cyber Accreditation Body (AB).

On March 17, 2022, the National Institute of Standards and Technology (“NIST”) published an initial draft of its Artificial Intelligence (AI) Risk Management Framework (“AI RMF”) to promote the development and use of responsible AI technologies and systems.  When final, the three-part AI RMF is intended for voluntary use and to improve the ability to

On November 15, 2021, the Defense Innovation Unit (DIU) released its Responsible Artificial Intelligence (AI) Guidelines (“RAI Guidelines”) to help contractors and federal officials gauge whether AI technology and programs align with the Department of Defense’s (DoD) Ethical Principles for AI (as we previously reported on here). Specifically, the RAI Guidelines provide a process

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this episode, hosts Evan Wolff and Kate Growley talk through the fundamental changes that the DoD has announced will be made under “CMMC 2.0.”

ListenCrowell.com | PodBean | SoundCloud | Apple

The Department of Defense (DoD) recently announced significant changes to its Cybersecurity Maturity Model Certification (CMMC) program intended to simplify the requirements and ease the compliance burden on contractors.  Unlike its predecessor, the new CMMC 2.0 moves to three compliance levels rather than five; aligns the required security controls (known as practices) with National Institute

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this final episode of a three-part series, host Kate Growley digests the current state of DFARS clause 252.204-7021 and what contractors should know about the Cybersecurity Maturity Model Certification (or CMMC).

Listen

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this second episode of a three-part series, hosts Kate Growley and Evan Wolff overview the high points from the new DFARS clauses 252.204-7019 and -7020.

ListenCrowell.com | PodBean | SoundCloud |

In this episode, host Kate Growley and Caroline Brown talk about the regulatory risks of violating sanctions and anti-money laundering laws when considering whether to make a payment to ransomware attackers. Those risks extend beyond the victims of the ransomware attack themselves to include ransomware insurance businesses, payment processors, and companies involved in digital forensics

In this episode, hosts Kate Growley and Evan Wolff talk with Matthew Welling about all things ransomware, including how to prepare for and respond to these kinds of incidents.  Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces.

ListenCrowell.com | PodBean

In this episode, host Kate Growley is joined by Chris Hebdon as they discuss current requirements for cloud service providers interested in working for the Department of Defense. Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces.

Click below to listen or access