Fundamentals of Cybersecurity and Regulatory Updates Series - Session 1: Introduction to Cybersecurity In this session, we will define cybersecurity foundations and explain why cybersecurity matters. We will discuss the type of information that must be protected, and the key governing bodies tasked with implementing the patchwork of laws and regulations addressing cybersecurity requirements. We will examine the Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) clauses governing cybersecurity, as well as certain publications of the National Institute of Standards and Technology (NIST), with particular focus on NIST Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Learning Objectives: By the end of this session, students will understand the importance of cybersecurity and how it impacts their organization. They will be familiar with the basic laws and regulations governing their cybersecurity compliance obligations, as well as the Federal contract clauses and standards implementing those obligations.

In this 4 part series, we will untangle the web of laws, regulations, and guidance surrounding the dynamic cybersecurity requirements currently applicable to contractors in the Federal supply chain.

Fundamentals of Cybersecurity and Regulatory Updates Series - Session 2: Understanding DoD Assessment Requirements: -7019, -7020, CMMC, and Beyond In this session, we will explore the presence of existing Department of Defense cybersecurity assessment requirements, including DFARS 252.204-7019, DFARS 252.204-7020, and the development and pending arrival of the Cybersecurity Maturity Model Certification (CMMC). We will provide an detailed examination of the NIST 800-171 assessment methodology required by -7019 and -7020, and highlight some of the key challenges contractors are likely to face as they implement these requirements. We will also provide insight as to the future of CMMC and how contractors can best prepare for the coming obligations. Learning Objectives: By the end of this session, students will be familiar with the basics of the DoD NIST 800-171 assessment requirements and will be able to think critically about how these requirements will apply to and impact their organization. They will be up to date on the developments in CMMC and able to identify key steps that should be taken proactively to ensure compliance and avoid liability.

Fundamentals of Cybersecurity and Regulatory Updates Series - Session 3: Supply Chain Management and Cybersecurity Updates In this session, we will identify how to ensure that good cybersecurity hygiene flows through a contractor's supply chain. We will discuss the Defense Contract Management Agency's (DCMA) mandate to examine contractor compliance with cybersecurity requirements as part of its Contractor Purchasing System Reviews (CPSR) and its implications for contractors in the near future. At the end of the session, we will discuss the pair of Proposed Rules issued in October 2023 (addressing "Cyber Threat and Incident Reporting and Information Sharing" and "Standardizing Cybersecurity Requirements for Unclassified Federal Information Systems"), and will explore the implications of those Proposed Rules for contractors. Learning Objectives: By the end of this session, students will understand how to ensure cybersecurity hygiene in their supply chain, and be prepared to proactively address their purchasing procedures in anticipation of DCMA reviews. Students will also gain insight as to the likely next developments in and implications of Federal cybersecurity initiatives, particularly as they relate to non-DoD agencies.

Executive orders, new regulations, class deviations, statutes, protests, and litigation all ensure that the compliance landscape for government contracts is always evolving at a breakneck pace. These changes can be difficult to track, but Federal Publication Seminars' Quarterly Update gathers the most significant changes and distills them for government contracting professionals. That usually (but not always) includes updates to:  Cybersecurity requirements  Changes to labor regulations and enforcement  Domestic preferences; and  Small business regulations Each session will be jammed packed with the latest information and is a valuable tool in staying up to date in an ever-changing environment.

Fundamentals of Cybersecurity and Regulatory Updates Series - Session 4: Preparing for the Future: Breach and AI In this session, we will help contractors navigate the Government's current and future areas of focus in cybersecurity: managing breach and the use of artificial intelligence. We will introduce some of the best practices to implement the cybersecurity requirements in Government contracts, and to assemble an incident response plan to manage breaches if and when they occur. We will conclude the series by talking about AI in the Federal Government, including recent executive orders under the current administration and their effect on the Government's procurement of AI. Learning Objectives: By the end of this session, students will understand how to approach their incident response strategy, and the best practices when experiencing a breach. Students will also be prepared for the future of cybersecurity requirements, and aware of the unique challenges that accompany the procurement and use of AI.