NIST Now "King of the Hill" on Cyber Standards

Client Alert | 1 min read | 05.14.13

Following its key cyber role in President Obama's Executive Order No. 13636 issued this February, the National Institute of Standards and Technology (NIST) again seized the reins on federal cybersecurity standards on April 30, issuing the 457-page tome, Security and Privacy Controls for Federal information Systems and Organizations, that not only provides the "most comprehensive update" of the core information security controls, but also cuts new ground for cybersecurity standards governing mobile and cloud computing technology, applications security, supply chain protection, advanced persistent threats, and privacy controls for federal agencies and contractors. While some critics have sought to brush back prior NIST standards as too voluminous and technically dense, this latest publication underscores NIST's increasing dominance over cyber standards, as shown by both DoD and the Office of the Director of National Intelligence embracing this NIST update, thus paving the way for federal agencies to flow down new and expanded security standards to government contractors consistent with the executive order's directive to the FAR Council.

Contacts

Jonathan M. Baker
Partner
- Washington, D.C.
  - D | +1.202.624.2641
amJha2VyQGNyb3dlbGwuY29t

Insights

Client Alert | 3 min read | 06.12.26

DOJ Guidance Backs Away From Disparate Impact Liability

On June 9, 2026, the U.S. Department of Justice (DOJ) issued a formal opinion concluding that the Equal Opportunity Employment Commission’s (EEOC) existing interpretations of Title VII of the Civil Rights Act of 1964 (Title VII) disparate-impact liability, including the Uniform Guidelines on Employee Selection Procedures (UGESP), are unconstitutional. According to the opinion, EEOC’s prior interpretations contemplate liability based on disproportionately adverse effects alone, without regard to an employer’s likely intent, rather than treating disparate impact as an evidentiary mechanism to “smoke out” intentional discrimination. DOJ found that this approach functions as a “qualified racial-proportionality mandate” that places “a racial thumb on the scales, often requiring employers to evaluate the racial outcomes of their policies, and to make decisions based on (because of) those racial outcomes.” The opinion fulfills one mandate of Executive Order 14281, which rejected disparate-impact liability insofar as it “creates a near insurmountable presumption that unlawful discrimination exists wherever there are any differences in outcomes among different [demographic groups].”...

Client Alert | 4 min read | 06.12.26
Auto Dealers: The FTC Is Back in the Driver’s Seat — Warning Letters Signal Renewed Federal Scrutiny
Client Alert | 13 min read | 06.12.26
EU Cyber Resilience Act Countdown: 11 September 2026 Incident/Vulnerability Reporting Deadline Less Than 100 Days Away
Client Alert | 4 min read | 06.12.26
National Security Memorandum Aims to Accelerate Deployment of AI and Streamline Procurement Aligned to Administration Policies

View All Insights