Ashden Fein

September 9, 2019, Inside Privacy

On Friday, September 6, 2019, our Government Contracts practice posted an article on Inside Government Contracts about the U.S. Department of Defense’s recent release of its draft Cybersecurity Maturity Model Certification (“CMMC”) for public comment. The CMMC was created in response to growing concerns by Congress and within the U.S. Department of Defense over ...

June 20, 2019, Inside Privacy

Today, Susan Cassidy, Ashden Fein, Moriah Daugherty, and Melinda Lewis posted an article on Inside Government Contracts about the June 19, 2019 announcement by the National Institute of Standards and Technology (“NIST”) of the long-awaited update to Special Publication (“SP”) 800-171 Rev. 1, Protecting Controlled Unclassified Information in Nonfederal Systems ...

June 20, 2019, The Coalition for Government Procurement

June 18, 2019

WASHINGTON—Covington is representing Peraton in its recently announced deal to acquire Solers, Inc., a leading provider of software development and systems integration for space situational awareness, satellite ground systems and operations, cybersecurity engineering, and enterprise cloud-based solutions. Covington is handling government contracts, national ...

May 24, 2019, Inside Privacy

On May 13, 2019, China’s State Administration for Market Regulation (“SAMR”) released three core national standards related to the country’s Cybersecurity Multi-level Protection Scheme (“MLPS”), describing technical and organizational controls that companies must follow when complying with MLPS-related obligations under the Cybersecurity Law (“CSL”).  These ...

May 16, 2019, Covington Alert

We are writing to provide an update on two important developments in U.S. national security-based regulation of trade: (1) a new, potentially expansive Executive Order on information and communications technology supply into the U.S. market, and (2) the Department of Commerce’s action to add Huawei to the Entity List.

November 12, 2018

WASHINGTON—Covington is advising private equity firm Veritas Capital on healthcare and other regulatory aspects of its recently announced deal to acquire athenahealth for approximately $5.7 billion. athenahealth is a leading provider of network-enabled services for hospital and ambulatory customers nationwide. Rujul Desai and Ian Brekke are leading the Covington ...

October 24, 2018, Inside Privacy

On September 30, 2018, China’s Ministry of Public Security (“MPS”) released the Regulation on the Internet Security Supervision and Inspection by Public Security Organs (the “Regulation”;《公安机关互联网安全监督检查规定》), which will take effect on November 1, 2018. As the latest regulation issued by MPS that implements China’s Cybersecurity Law (“CSL”), which took effect in ...

October 1, 2018

WASHINGTON—Covington has promoted 20 lawyers to its partnership. “This group covers a wide range of the firm’s most important practices and reflects the ongoing imperative of continuing to build and expand our strengths and to position the firm most effectively to be vibrant in the years ahead,” said Timothy Hester, Covington’s chair. "The size of our class is a ...

August 30, 2018, Covington Alert

How well do you actually know your supply chain—from the materials you acquire to the software you include in your products or services? If you have not answered this question recently, you should consider adding it to your “to do” list. Not only does the U. S. Government want to know, it is increasingly imposing new compliance obligations on its contractors.

July 10, 2018, Inside Privacy

On June 27, 2018, China’s Ministry of Public Security (“MPS”) released for public comment a draft of the Regulations on Cybersecurity Multi-level Protection Scheme (“the Draft Regulation”). The highly anticipated Draft Regulation sets out the details of an updated Multi-level Protection Scheme, whereby network operators (defined below) are required to comply ...

July 5, 2018, Covington Alert

On June 27, 2018, China’s Ministry of Public Security (“MPS”) released for public comment a draft of the Regulations on Cybersecurity Multi-level Protection Scheme (“the Draft Regulation”). The highly anticipated Draft Regulation sets out the details of an updated Multi-level Protection Scheme, whereby network operators (defined below) are required to comply ...

April 23, 2018, Inside Privacy

Pursuant to Executive Order 13636, the National Institute of Standards and Technology (“NIST”) established the Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0, a technology-neutral, voluntary, risk-based cybersecurity framework that includes standards and processes intended to align policy, business, and technological approaches to ...

January 4, 2018, National Defense

December 4, 2017, Inside Privacy

Ahead of the upcoming December 31, 2017 deadline for federal defense contractors to implement the security controls of National Institute of Standards and Technology (“NIST”) Special Publication 800-171 (“SP 800-171”), NIST has released a new draft publication designed to assist organizations in assessing compliance under SP 800-171, Draft Special Publication ...

November 28, 2017, Inside Privacy

Earlier this year, the FTC’s staff released a series of blog posts entitled Stick with Security that updated and expanded upon the prior Start with Security best-practices guide for information security practices.  The Stick with Security series draws from FTC complaints, consent orders, closed investigations, and input from companies around the country to ...

October 31, 2017, Inside Privacy

Ashden Fein’s Cybersecurity practice focuses on counseling clients who are preparing for and responding to cyber-based attacks on their networks, assessing their security controls and practices for the protection of data and systems, developing and implementing cybersecurity programs, and complying with federal and state regulatory requirements. Ashden has ...

October 2017, Pratt's Government Contracting Law Report

August 2, 2017, Inside Privacy

Last week, the U.S. Department of Justice (“DOJ”) released a voluntary framework for organizations to use in the development of a formal program to receive reports of network, software, and system vulnerabilities, and to disclose vulnerabilities identified in other organizations’ environments.  This framework provides private entities a series of steps to ...

May 17, 2017, Covington Alert

Last Friday may mark the start of a new era in cyber crime. The first worldwide ransomware attack, commonly dubbed “WannaCry,” emerged on May 12. The malware is believed to have infected more than 300,000 computers in 150 countries to date. A cyber criminal or ring of criminals, taking advantage of an exploit made available by the ShadowBrokers hacker group that ...

September 14, 2016, 2016 Covington Government Contracts Briefing: Solving Problems, Securing Opportunities

June 21, 2016, Webinar

March 2016, Cyber Security Law & Practice

September 11, 2015, Covington Alert

August 12, 2015, The Cybersecurity Law Report

July 30, 2015, Inside Compensation

The federal government has been encouraging employers to adopt best practices to address both external and internal threats to critical business information and infrastructure. These best practices have included an important human resources element, including policies and programs covering current and former employees. For example, the Obama Administration ...

July 17, 2015, Webinar

June 11, 2015, Inside Energy & Environment

On Monday, the 2015 G-7 Summit ended with the President and other Leaders of the G-7 focused generally on a wide range of economic, security, and development issues, and specifically discussing the energy sector’s cybersecurity posture.  According to the White House, the Leaders “launched a new cooperative effort to enhance cybersecurity of the energy sector...… ...

March 12, 2015, Inside Counsel

Richard Shea, Lindsay Burke and Ashden Fein have authored this article on cybersecurity threats: "Cybersecurity threats can emanate not just from outside sources but from company insiders as well — including employees, executives, directors and contractors. According to NetDiligence’s 2014 Cyber Insurance Claims Study, roughly one-third of the reported events ...

March 12, 2015, InsideCounsel