Insights

Professional
Practice
Industry
Region
Trending Topics
Location
Type

Sort by:

Firm News 16 results

Firm News | 8 min read | 08.15.24

The Best Lawyers in America 2025 Recognizes 42 Crowell & Moring Attorneys, Three Selected as Lawyer of the Year

Washington – August 15, 2024: The 2025 edition of The Best Lawyers in America® has recognized 42 Crowell & Moring lawyers as "Best Lawyers" and 29 lawyers as “Ones to Watch.”
...

Firm News | 4 min read | 06.24.24

Crowell Earns Top Rankings from Legal 500 United States 2024

Washington – June 24, 2024: Crowell & Moring has been recommended in eight practice areas in the 17th edition of the Legal 500 United States. In addition, partner Daniel Forman, co-chair of the firm’s Government Contracts Group, has been named to the Legal 500’s “Hall of Fame” for Government Contracts.
...

Firm News | 4 min read | 06.04.24

ArmorText and Crowell & Moring Release New Open Source Cybersecurity Tabletop Exercises

MCLEAN, Va., June 4, 2024 - ArmorText, which safeguards communication for organizations worldwide, and the international law firm of Crowell & Moring LLP today released an update to their tabletop exercise guide, making new exercise scenarios publicly available under a Creative Commons license. The new Cyber Resilience: Incident Response Tabletop Exercises Q2 2024 addresses urgent challenges facing executives, including disruptive attacks by increasingly sophisticated criminal actors with well-publicized recent examples, as well as increasingly complex regulatory obligations.
...

Client Alerts 170 results

Client Alert | 2 min read | 11.19.24

Six Years in the Making, DoD Releases Proposed Rule Requiring Disclosure of Foreign Review of Code for IT, Cybersecurity, Critical Infrastructure, and Weapons System Products and Services

On November 15, 2024, the Department of Defense (DoD) issued a Proposed Rule implementing Section 1655 of the John S. McCain National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019 (P.L. 115-232), over six years after Congress enacted the requirement. 
...

Client Alert | 8 min read | 10.14.24

Cybersecurity Matured: DoD Finalizes Cybersecurity Maturity Model Certification (CMMC) Program

On October 11, 2024, the Department of Defense (DoD) released a final rule (the “Final Program Rule”) formalizing the requirements, assessment processes, and related governance for its Cyber Maturity Model Certification Program (CMMC).[1] 
...

Client Alert | 2 min read | 08.20.24

DFARS 7021 Clause 2.0: DoD Releases Proposed Rule Updating CMMC Clause

On August 15, 2024, the Department of Defense (“DoD”) released the long-awaited proposed rule (“August 2024 Proposed Rule”), updating Defense Federal Acquisition Regulation Supplement (“DFARS”) Clause 252.204-7021 (the “7021 Clause”), which, when final, will initiate the phased implementation of Cybersecurity Maturity Model Certification 2.0 (“CMMC”) requirements into DoD contracts.  The Clause will require every defense contractor that handles Federal Contract Information (“FCI”) or Controlled Unclassified Information (“CUI”) to assess and certify compliance with select CMMC security requirements.  The August 2024 Proposed Rule introduces several distinct changes to the 7021 Clause published by DoD in January 2023, including:
...

Press Coverage 49 results

Press Coverage | 11.09.23

SEC/SolarWinds Legal Analysis w/Evan Wolff (podcast)

The Cyber Ranch Podcast

Publications 32 results

Publication | 05.14.24

Critical Infrastructure: Updating the 2013 NIPP and other Risk Mitigation Actions

Privacy and Cybersecurity Outlook: The 2024 Landscape
Protecting critical infrastructure is paramount to today’s digital age. Critical infrastructure includes physical and virtual systems essential for the functioning of our society, economy, and national security. Such a definition may include power grids, communication networks, and financial institutions, among other networks that heavily rely on interconnected computer systems. These systems are also considered critical infrastructure, as they are used to protect critical cybersecurity infrastructure. 
...

Publication | 05.14.24

Tabletop Exercises: A Leading Practice to Strengthen Defenses

Privacy and Cybersecurity Outlook: The 2024 Landscape
Every day, organizations face a barrage of attacks from cybercriminals looking to do harm by gaining access to IT systems and sensitive data. Repercussions from these attacks can be significant—lost business data, legal liability, regulatory scrutiny, and a damaged reputation. To prepare for potential attacks, companies need a robust incident response plan that can be quickly and effectively deployed against cyber threats as they arise.
...

Events 48 results

Event | 11.19.24, 8:00 AM EST - 9:30 AM EST

CMMC Finalized: How to Prepare & Achieve Certification

Crowell is honored to host Ms. Stacy Bostjanick, the Defense Department’s CMMC Program Director, who will be joined live by Crowell attorneys Evan Wolff and Michael Gruden for an engaging fireside chat.

Event | 10.30.24, 4:00 PM GMT - 7:00 PM GMT

Cyber Perspectives: Views from Attackers, Defenders, and Regulators

We are pleased to invite you to "Cyber Perspectives: Views from Attackers, Defenders, and Regulators," a collaborative event hosted in partnership with Crowell & Moring and IBM. This insightful session will delve into the multifaceted world of cybersecurity, offering perspectives from those on the front lines of cyber defence and the attackers they combat, as well as what we are seeing from the regulators who shape the landscape. Join us for an engaging discussion that promises to enhance your understanding of current cyber threats and the strategies employed to mitigate them.
...

Event | 07.23.24, 10:30 PM PDT - 12:00 PM PDT

NCMA World Congress 2024

Crowell & Moring's Jennie VonCannon, Evan Wolff, and Michael Gruden, members of the firm's Privacy & Cybersecurity and Government Contracts Groups, will be speaking at the NCMA World Congress, taking place on July 23, 2024, in Seattle, Washington. They will lead a skill-based session, "Making CMMC 2.0 Requirements Work for Your Organization," at 10:30 AM PST.

Webinars 26 results

Webinar | 05.15.24, 1:00 PM EDT - 2:00 PM EDT

NIST SP 800-171 Transitions to Revision 3: What to Know

As the National Institute for Standards and Technology (NIST) prepares to release its highly anticipated Revision 3 to the security standard required by CMMC and current DoD contracts alike, join Crowell attorneys Evan Wolff and Michael Gruden in a robust discussion with one of the key architects of Revision 3, NIST’s own Senior Computer Scientist, Victoria Pillitteri.

Webinar | 02.14.24, 1:00 PM EST - 2:00 PM EST

CMMC 2.0: Legal, Assessor, and Threat Intelligence Perspectives

Members of Crowell’s Privacy & Cybersecurity practice and panelists from Coalfire and Mandiant will discuss the highly anticipated proposed rule for the Cybersecurity Maturity Model Certification Program (CMMC) issued by the Department of Defense (DOD) in December.

Webinar | 01.09.24, 1:00 PM EST - 2:00 PM EST

CMMC Proposed Rule: What to Know

The Department of Defense (DOD) has released the highly anticipated proposed rule for the Cybersecurity Maturity Model Certification Program (CMMC). CMMC is a unified assessment model released by the DoD in response to the growing threat of cyberattacks and data theft from its supply chain vendors. As proposed, this program requires every Federal contractor that handles DoD sensitive data to comply with certain cybersecurity controls. CMMC will bring greater scrutiny to contractors’ cybersecurity compliance and greater risks associated with failure to comply. To achieve certification, you’re required to prove that your organization can meet a myriad of security control obligations, a process that can be daunting if you’re not familiar with the policies, procedures, and practices that may be required when the program is finalized.

Speaking Engagements 202 results

Blog Posts 17 results

Blog Post | 02.10.20

Energy Cybersecurity Act of 2019

Crowell & Moring's Data Law Insights

Blog Post | 08.20.19

Privacy & Cybersecurity – New York Enacts the SHIELD Act

Crowell & Moring's International Trade Law

Podcasts 19 results

Podcast | 02.15.22

Byte-Sized Q&A: What Should Contractors Know About the Cybersecurity Provisions Included In, and Left Out Of, the National Defense Authorization Act

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces.  In this episode, Evan Wolff and Chris Hebdon discuss the notable cybersecurity provisions and omissions in the National Defense Authorization Act (NDAA) for Fiscal Year 2022.
...

Podcast | 01.19.22

Byte-Sized Q&A: What is CISA and Why is it Important to Government Contractors?

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this episode of Byte Sized Q&A, Evan Wolff and Michael Gruden discuss the Cybersecurity Infrastructure Security Agency (CISA) and why it is important for contractors to take note of CISA’s actions.
...

Podcast | 12.03.21

Byte-Sized Q&A: What’s not in CMMC 2.0?

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this episode, hosts Evan Wolff and Kate Growley talk through some key elements that are no longer expected under CMMC 2.0.
...