What we’re talking about
Using AI in CUI environments presents risks and threats that have yet to be fully addressed by CMMC cybersecurity protocols or security standards. In an effort to provide guidance the Information Security Oversight Office has released ISOO Notice 2026-01: Responsible Use of Classified National Security Information and Controlled Unclassified Information with Artificial Intelligence. ISOO Notice
NIST SP 800-160 provides guidance on engineering trustworthy secure systems and developing cyber-resilient systems. This National Institute of Standards and Technology (NIST) publication focuses on integrating security into engineering processes throughout the product’s life cycle. It aims to foster a common mindset for delivering security across various system types and complexities. Engineering Secure Systems It
The Bureau of Industry and Security’s (BIS) funding is set to increase to $450 million in the 2027 budget proposal. This would represent a 150% percent increase from the agency’s fiscal year 2026 $215 million budget. The funds would be used to hire hundreds of Special Agent officers to enforce Export Administration Regulations. Reasons Driving
Applied Materials, Inc. (AMAT) and Applied Materials Korea, Ltd. (AMK) have agreed to payment of $252 million dollars in penalties for the illegal export of U.S. semiconductor manufacturing equipment. This settlement with the Bureau of Industry and Security (BIS), is the second largest imposed by the agency. Applied Materials Specific Violations The cited violations involved
President Donald Trump has signed a cybercrime executive order directing federal agencies to enhance efforts against cyber-enabled fraud and transnational criminal organizations (TCOs). This action calls for interagency coordination for the review and improvement of operational, technical, and regulatory frameworks to combat cyber-enabled crime. Agencies Involved with Cybercrime Executive Order This executive order, signed on
End-use and end-user controls are essential components of the United States Export Administration Regulations (EAR). They help ensure that exported items are not used in ways that could harm national security or foreign policy interests. These controls are often used for dual use items. The term dual-use technology refers to items, software, and technology that
Strategic export compliance implementation is required to achieve a compliance program maturity that will adequately address evolving regulatory requirements. This entails employing a business strategy that includes involvement and accountability of senior management. It should also emphasize that everyone involved in exporting regulated articles or technologies is responsible for compliance. This includes employees, contractors, vendors, and clients.
The Wassenaar Arrangement was established to promote transparency and responsibility in international transfers of conventional weapons and dual-use goods and controlled technologies. This international effort to prevent global destabilization was established at Wittenburg Castle in Germany in 1995. The Wassenaar Arrangement Plenary meets once a year in Vienna. The Plenary is led by a rotating
The Bureau of Industry and Security (BIS) has released revisions to the Export Administration Regulations (EAR) to limit semiconductor and advanced computing commodities to China and Macau. These changes have been made to ensure that United States national security interests are met and that and that proposed exports would not reduce global integrated circuit production
There are likely to be a number of cybersecurity challenges for organizations in 2026 that will effect businesses in every sector. These challenges include a growing threat arena, an increased complexity of requirements, and a shrinking pool of qualified personnel to perform essential information security functions. In addition, all of this is occurring at a
The Directorate of Defense Trade Controls (DDTC), under the Department of State, has released the AUKUS Final Rule. This amendment, under part 126 of the International Traffic in Arms Regulations (ITAR) was published and became effective on December 30, 2025. This exemption will greatly facilitate defense trade between defense trade between the United States, the
The System for Award Management (SAM) has undergone significant changes under the Revolutionary FAR Overhaul (RFO). This RFO initiative is an effort by the Office of Federal Procurement Policy (OFPP), the Federal Acquisition Regulation (FAR) Council, and the General Services Administration (GSA) to support sound procurement for government contracts. It is being initiated in an
Cyber insurance has become a larger part of the cybersecurity risk management process for businesses. This is due to the rising potential impacts of cyber threats to sensitive data. As a result, cyber liability insurance market is changing rapidly. These changes include reduced coverage limits, increased premium, and requirements for adequate security controls for cyber
The IA9100 Series Standards are due for release in 2026. The International Aerospace Quality Group (IAQG) is conducting comprehensive revisions of AS9100, AS9110, AS9120 and AS9145. The transition period for organizations to adopt the new standards will likely extend until 2029. AS9100 Standard History and Overview AS9100 Quality Management Systems – Requirements for Aviation, Space,
MIL-STD-461 documentation development is a requirement in preparing for testing. Test plans should include the content called out in DI-EMCS-80201 Electromagnetic Interference Test Procedures (EMITP). This content includes a table of all MIL-STD-461 procedures to be performed, description of the Equipment Under Test (EUT), and any approved exceptions or deviations. Other requirements include test site
The U.S. Department of Commerce has announced the launching of the American AI Exports Program. This initiative is part of a larger effort by President Donald Trump to advance the United State’s leadership in advanced technologies. The program will include hardware, software, applications, models, and full stack AI export. Full Stack AI refers to a
