By Evan D. Wolff, Peter B. Miller, Maida Oringher Lerner, Kate M. Growley, Judy Choi, Michael Gruden and Payal Nanavati on Posted in Cybersecurity,Legal DevelopmentsThe National Institute of Standards and Technology (NIST) recently published a draft special publication titled Systems Security Engineering: Resiliency Considerations for the Engineering of Trustworthy Secure Systems (Volume 2), which provides guidance to professionals responsible for the activities and tasks related to the system life cycle processes in NIST’s flagship publication, NIST Special Publication 800-160… Continue Reading
By Kate M. Growley on Posted in Cybersecurity,Legal DevelopmentsAs defense contractors continue to push towards their end-of-year implementation deadline for NIST SP 800-171 under DFARS 252.204-7012, the National Institute of Standards & Technology (NIST) has given the contracting community some extra time to respond to a draft publication that outlines how they and their customers alike can assess compliance with the security standard. … Continue Reading
By Peter J. Eyre and David B. Robbins on Posted in Cybersecurity,Legal Developments,PodcastCrowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without. This latest edition is hosted by partners Peter Eyre and David Robbins and includes updates on DoD’s plan to implement the 2017… Continue Reading
By David Bodenheimer, Evan D. Wolff and Kate M. Growley on Posted in CybersecurityAfter a year of development, NIST has released the long-awaited Cybersecurity Framework, which promises to have significant implications for the public and private sectors alike. The final version retains much of the Framework Core set forth in its draft version and provides a blueprint to align cybersecurity efforts, along with the accompanying Roadmap document discussing… Continue Reading
By Gordon Griffin, Kate M. Growley and David Bodenheimer on Posted in CybersecurityAfter years of abortive attempts by Congress to enact comprehensive cybersecurity legislation, the President took matters into his own hands on February 12, signing an Executive Order, Improving Critical Infrastructure Cybersecurity. Identifying the cyber threat as “one of the most serious national security challenges we must confront,” this Order, along with its contemporaneous Presidential Policy… Continue Reading
By Kate M. Growley and Gordon Griffin on Posted in CybersecurityJust before the closing bell for 2012, the federal government gave its first approval for government-wide security authorization to a cloud service provider. On December 26, the General Services Administration (GSA) certified its first cloud service provider under the Federal Risk and Authorization Management Program, more commonly known as FedRAMP. The GSA expects last month’s… Continue Reading
