Helping individuals, companies, and organizations understand key legal and practical considerations for promoting compliance and making better business decisions in these types of federal, state, and local government contracting matters MORE

Securities and Exchange Commission

Increasingly, the Federal government implements a rule for government contractors which then makes its way in some form into all of US industry.  Cybersecurity regulations, mandating that government contractors, grant and agreement holders, and their subcontractors, maintain certain security controls and report on cyber incidents, have been in effect for a number of years.  Indeed, Deputy Attorney General Lisa Monaco announced a Civil Cybersecurity Fraud initiative to go after government contractors, grant and agreement holders that falsely represent the cybersecurity of their products and services or the state of their compliance with cybersecurity requirements in seeking or performing government contracts.  With a reported 1885% increase in ransomware attacks and high profile cyber events such as Colonial Pipeline in 2021, therefore, it is not surprising that the Securities and Exchange Commission (SEC) is making the move to require public companies to increase their cybersecurity activities and to report cyber incidents so investors have greater insight into their investments.
Continue Reading SEC Issued Proposed Rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure