On December 23, 2022, President Biden signed the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 into law. The Act contains two significant prohibitions regarding the procurement and use of semiconductor products and services from specific Chinese companies and other foreign countries of concern that will come into effect in December 2027.
Continue Reading NDAA Prohibits Government Purchase and Use of Certain Semiconductors
This is the nineteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to
This is the eighteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to
By: Robert Huffman, Susan Cassidy, Michael Wagner, Ryan Burnette, and Emma Merrill
This is the seventeenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and
This is the sixteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to implement the cyber EO from June 2021 through July 2022. This blog describes key actions taken to implement the Cyber EO during August 2022.
Continue Reading August 2022 Developments Under President Biden’s Cybersecurity Executive Order
On September 14, 2022, the Director of the Office of Management and Budget (“OMB”) issued a memorandum to the heads of executive branch departments and agencies addressing the enhancement of security of the federal software supply chain. The memorandum applies to all software (other than agency-developed software) developed or experiencing major version changes to be operated “on the agency’s information systems or otherwise affecting the agency’s information,” and requires new self-attestations from software vendors before that software can be used by agencies.
The memorandum is one among many deliverables stemming from Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). We have covered developments under this Executive Order as part of a series of monthly posts, with the first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to implement the Cyber EO from June 2021 through August 2022. Key requirements of the memorandum are discussed in more detail below.
This is the fifteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to implement the Cyber EO from June 2021 through June 2022. This blog describes key actions taken to implement the Cyber EO during July 2022.
Continue Reading July 2022 Developments under President Biden’s Cybersecurity Executive Order
This is the fourteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to implement the Cyber EO from June 2021 through May 2022. This blog describes key actions taken to implement the Cyber EO during June 2022.
Continue Reading June 2022 Developments Under President Biden’s Cybersecurity Executive Order
This is the eleventh in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the second through tenth blogs described the actions taken by various Government agencies to implement the EO from June 2021 through February 2022, respectively. This blog summarizes key actions taken to implement the Cyber EO during March 2022. As with steps taken during prior months, the actions described below reflect the implementation of the EO within the Government. However, these activities portend further actions, potentially in or before June 2022, that are likely to impact government contractors, particularly those who provide software products or services to the Government.
Continue Reading March 2022 Developments Under President Biden’s Cybersecurity Executive Order
On March 8, 2022, the Department of Justice announced the first settlement of a case under the Civil Cyber-Fraud Initiative. Established in October 2021, the Initiative aims to utilize the government’s authority under the civil False Claims Act to pursue alleged instances of fraud and misrepresentation concerning cyber practices. (We previously wrote about the Initiative here.) The Initiative has been a point of emphasis in DOJ speeches and public comments in recent months. This settlement is a milestone in the rollout of the program and confirmation that DOJ intends to take allegations of cyber fraud seriously.
Continue Reading First Settlement of DOJ Civil Cyber-Fraud Initiative