1. Home
  2. |Insights
  3. |Disharmony in the Cyber Acquisition Patchwork

Disharmony in the Cyber Acquisition Patchwork

Client Alert | 1 min read | 05.07.15

While Executive Order No. 13636 asked for a review of "what steps can be taken to harmonize" existing cyber regulations governing federal acquisitions, a patchwork of more than a dozen different agency regulations – and dozens upon dozens of unpublished cyber policies – impose heavy burdens upon contractors seeking to build cost-effective cybersecurity compliance programs. On May 11, C&M's David Z. Bodenheimer will discuss this analysis and lead a co-sponsored program for the ABA Public Contract Law Section's Cybersecurity, Privacy, and Information Security Committee and the Science & Technology Law Section's Homeland Security Committee on "The Cybersecurity Patchwork of Federal Agency Rules & Unpublished Policies: How Do Contractors Comply?"

Insights

Client Alert | 7 min read | 05.27.26

Colorado Hits Reset on AI Regulation: SB 26-189 Repeals and Reenacts the Colorado AI Act

Colorado’s original AI Act (SB 24-205), signed in May 2024, imposed broad obligations on developers and deployers of “high-risk AI systems” — including requiring risk management programs, impact assessments, and affirmative steps to prevent algorithmic discrimination across employment, housing, lending, insurance, health care, and education decisions. The operative date for SB 24-205 was extended twice, and a court temporarily suspended enforcement in early 2026, following a lawsuit filed by xAI, which the U.S. Department of Justice (DOJ) intervened to support. Industry feedback on SB 24-205 was generally negative. In response to this environment, Colorado’s legislature undertook a rewrite, drafting and passing SB 26-189 in a matter of weeks. SB 26-189 reflects the legislature’s effort to preserve the policy goal of filling the AI oversight vacuum given the lack of a comprehensive federal law, but within a more workable compliance framework....

View All Insights