NIST Now "King of the Hill" on Cyber Standards
Client Alert | 1 min read | 05.14.13
Following its key cyber role in President Obama's Executive Order No. 13636 issued this February, the National Institute of Standards and Technology (NIST) again seized the reins on federal cybersecurity standards on April 30, issuing the 457-page tome, Security and Privacy Controls for Federal information Systems and Organizations, that not only provides the "most comprehensive update" of the core information security controls, but also cuts new ground for cybersecurity standards governing mobile and cloud computing technology, applications security, supply chain protection, advanced persistent threats, and privacy controls for federal agencies and contractors. While some critics have sought to brush back prior NIST standards as too voluminous and technically dense, this latest publication underscores NIST's increasing dominance over cyber standards, as shown by both DoD and the Office of the Director of National Intelligence embracing this NIST update, thus paving the way for federal agencies to flow down new and expanded security standards to government contractors consistent with the executive order's directive to the FAR Council.
Contacts
Insights
Client Alert | 6 min read | 07.17.25
On 11 July 2025, the European Commission published the final version of its Code of Practice for General-Purpose Artificial Intelligence (GPAI). This Code is meant to serve as a tool for GPAI model providers, helping them to comply with the transparency, copyright and security provisions governing general-purpose AI models as set out in the AI Act (arts. 53 and 55), which will become applicable on 2 August 2025. Adherence to the Code is on a voluntary basis.
Client Alert | 3 min read | 07.17.25
(Not the Funniest) Weekend Update: Recap of Recent Developments in the EU-US Tariff Dispute
Client Alert | 5 min read | 07.16.25
Client Alert | 8 min read | 07.16.25