Cybersecurity News

Navigating Crypto Regulatory Framework in 2025 December 4, 2025
In today's rapidly evolving digital landscape, financial institutions offering virtual currency products and services must navigate a complex and dynamic regulatory framework. The recent passage of the Guiding and Establishing National Innovation for U.S. Stablecoins Act of 2025 (“GENIUS Act” or “Act”) marks a significant milestone in the regulation of stablecoins, offering clarity and a […]
Ankura
FDA Issued Updated Patient-Focused Drug Development Guidance on Clinical Outcome Assessments December 4, 2025
In its latest PFDD installment, the FDA offers a detailed roadmap for sponsors seeking to design, adapt, or validate COAs that accurately reflect patients’ lived experiences. The guidance establishes the “fit-for-purpose” standard, requiring sufficient qualitative (patient input) and quantitative (psychometric) evidence to support each measure’s intended use. The FDA also identifies four categories of COAs […]
Wilson Sonsini Goodrich & Rosati
OLNS#8: ESOPs, VSOPs & Co – Structuring / Taxes / Practical Issues (Revised & Updated Edition) December 4, 2025
Employee ownership (sometimes also called "employee participation") plays a critical role in attracting and retaining top talent for fledgling young companies and aspiring growth companies alike. Stock options and similar structures, reward employees for taking the risk of joining a company in a high-risk and rapidly evolving environment and give them a stake in their […]
Orrick, Herrington & Sutcliffe LLP
NYDFS Cybersecurity Crackdown: New Requirements Now in Force—Are You Compliant? December 4, 2025
As cybersecurity breaches grow more complex and frequent, regulators are increasingly focused on organizational compliance.
Epstein Becker & Green
2025 Texas Legislative and Procedural Updates December 4, 2025
The 2025 Texas legislative session introduced significant reforms impacting business litigation, corporate governance, and court procedures statewide. From expanding the Texas Business Court’s jurisdiction to updating the Business Organizations Code, these changes carry important implications for Texas businesses and legal practitioners. The following summary outlines the most notable updates.
McGinnis Lochridge
[Podcast] AI at Work – Smarter, Not Riskier: Employer Strategies for Responsible AI Use December 4, 2025
In this inaugural episode of AI at Work, Greg Demers, an employment partner, is joined by Meg Bisk, head of the employment practice, and John Milani, an employment associate, to explore how employers across industries can harness artificial intelligence responsibly while mitigating legal and operational risk. They discuss the most common pitfalls of employee AI […]
Ropes & Gray LLP
AI is a Hot Topic Among Lawmakers, but Who Will Have the Final Say? December 3, 2025
The rapid rise of generative artificial intelligence (AI) has pushed the issue of AI regulation to the forefront, but U.S. policy remains fragmented. The federal government has not passed comprehensive AI legislation, and current policy initiatives do not align with previous guidance from the National Institute of Standards and Technology (NIST).
BakerHostetler
The Hidden Cost Center No One Understands: Why 40% of Legal Pros Still Misunderstand eDiscovery December 3, 2025
The Misunderstanding Nobody Wants to Admit - Here’s a truth we don’t talk about enough in the legal world: eDiscovery is frequently misunderstood, even by the people who live closest to it.
EDRM - Electronic Discovery Reference Model
Lawsuit Challenges Racial + Ethnic ‘Social Disadvantage’ Presumption in SBA and Other Federal Supplier Diversity Programs December 3, 2025
On Nov. 17, 2025, Revier Technologies, Inc. and Young America’s Foundation (YAF) filed a lawsuit in the U.S. District Court for the Eastern District of Louisiana seeking to invalidate the Small Business Administration (SBA) regulation that establishes a rebuttable presumption of “social disadvantage” for members of designated racial and ethnic groups. 13 C.F.R. §124.103(b)(1).
Jackson Lewis P.C.
Key Takeaways for Companies After SEC Voluntarily Dismisses Landmark SolarWinds Enforcement Action December 3, 2025
On November 20, 2025, the U.S. Securities and Exchange Commission (SEC) filed a joint stipulation with SolarWinds Corp. and its chief information security officer (CISO), Timothy Brown, to dismiss with prejudice the commission’s remaining claims in its high-profile cybersecurity enforcement action.
Parker Poe Adams & Bernstein LLP

CMMC News

‘Hey, They’re Not CMMC Compliant! Why Did They Get The Award?’: Protesting CMMC Issues December 3, 2025
W.C. Fields once said that there comes a time in everyone’s life when they “must take the bull by the tail and face the situation.” For contractors in the Defense Industrial Base (DIB), that time has apparently come when, at long last, the Cybersecurity Maturity Model Certification (CMMC) Program began its phased rollout Nov. 10.
Miles & Stockbridge P.C.
From 2025 Upheaval to 2026 Strategy: Key Regulatory Risks and Opportunities for Government Contractors December 3, 2025
2025 has been an exceptionally active year for U.S. government contractors and grant recipients. The combination of executive orders, regulatory changes and legislative updates that have reshaped procurement, industrial policy and compliance requirements across multiple sectors has left even the most experienced contractors and grant recipients navigating uncertainty about which legal requirements apply and how […]
White & Case LLP
Updates to NIST Cybersecurity Guidance May Impact Government Contractors November 25, 2025
November 2025 has been a busy month for cybersecurity rules affecting government contractors. The long-awaited Cybersecurity Maturity Model Certification (CMMC) Program went into effect on November 10. We are now seeing the first Department of Defense (DOD) solicitations that include the CMMC Program requirements for contractors that process, store, or transmit Federal Contract Information (FCI) […]
Wiley Rein LLP
Cyber Reporting Considerations November 21, 2025
The regulatory environment has transformed cybersecurity failure into a core legal, financial, and compliance risk. Today, organizations must navigate a complex maze of conflicting deadlines across state and federal jurisdictions. This means, in addition to directing the incident response, organizations should implement processes to track decision-making and be prepared to meet all reporting requirements that […]
Wiley Rein LLP
CMMC Regulations: Key Questions and Answers for Defense Contractors November 14, 2025
On Nov. 10, 2025, the long-awaited final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to implement the Cybersecurity Maturity Model Certification (CMMC) program became effective. This rule, discussed in a previous Holland & Knight alert (see link below), fundamentally changes how cybersecurity requirements are incorporated into U.S. Department of Defense (DOD) contracts and […]
Holland & Knight LLP
DoD Begins Phased Implementation of CMMC Final Rule: Key Actions for Contractors November 14, 2025
On November 10, 2025, the Department of Defense (DoD), also referred to as the Department of War (DoW), officially began rolling out its Cybersecurity Maturity Model Certification (CMMC) Final Rule, marking the start of the program’s phased implementation. CMMC requirements may now appear in new DoD solicitations, contract awards and option exercises.
Akin Gump Strauss Hauer & Feld LLP
They’re Here! The Cybersecurity Maturity Model Certification Requirements for DoD Solicitations and Contracts Are Live. What Does This Mean for Your Organization? November 14, 2025
This alert serves to remind contractors of the much-ballyhooed Cybersecurity Maturity Model Certification (CMMC) and updates our previous articles on the Department of Defense’s (DoD) proposed CMMC Program rule and DoD’s issuance of a new final rule, codified at Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7021 (contract clause) and 252.204-7025 (solicitation provision).
Venable LLP
Weekly Update for Government Contractors and Commercial Businesses – November 2025 #2 November 14, 2025
Warfighting at Warp Speed: Why Defense Contractors Must Track the Department of War’s Acquisition Overhaul - The Secretary of War Pete Hegseth announced on November 7, 2025, that the U.S. Department of War (DOW) is dropping a game-changing memo: “Transforming the Warfighting Acquisition System to Accelerate Fielding of Capabilities.” This bold blueprint reimagines how defense capabilities […]
PilieroMazza PLLC
CMMC Brings New Era of Cybersecurity Compliance for Defense Contractors November 13, 2025
Our Privacy, Cyber & Data Strategy Team breaks down the Department of Defense’s finalized Cybersecurity Maturity Model Certification (CMMC) rule, which establishes a tiered compliance framework that will soon be mandatory for all defense contractors and subcontractors.
Alston & Bird
DoD’s Phased Implementation of CMMC Begins: What You Need to Know November 12, 2025
On November 10, 2025, the Department of Defense’s (“DoD”) final rule amending the Defense Federal Acquisition Regulation Supplement (“DFARS”) to incorporate contract requirements related to its Cybersecurity Maturity Model Certification (“CMMC”) Program became effective, kicking off DoD’s phased implementation of the Program.
Burr & Forman