This is the fourth blog in a series of Covington blogs on cybersecurity policies, executive orders (“EOs”), and other actions of the new Trump Administration. This blog describes key cybersecurity developments that took place in May 2025.
CISA Releases AI Data Security Guidance
On May 22, the Cybersecurity and Infrastructure Security Agency (“CISA”), which sits
On May 22, 2025, the Cybersecurity and Infrastructure Security Agency (“CISA”), which sits within the Department of Homeland Security (“DHS”) released guidance for AI system operators regarding managing data security risks. The associated press release explains that the guidance provides “best practices for system operators to mitigate cyber risks through the artificial intelligence lifecycle, including
In a recent bid protest decision— Digital Force Technologies, Inc., B-423319 (May 19, 2025), the Government Accountability Office (“GAO”) denied a protest of a Small Business Innovation Research (“SBIR”) program Phase III sole source solicitation issued by the Air Force, concluding that the Air Force had properly procured work from a successor-in-interest entity that
The Government Accountability Office (“GAO”) released a report on the Defense Contract Audit Agency’s (“DCAA”) past and future use of private-sector, independent public accountants to augment its auditor workforce. The initiative—approved under Section 803 of the Fiscal Year (“FY”) 2018 National Defense Authorization Act (“NDAA”)—began in fiscal year 2020 and was originally envisioned by Congress
This is the third blog in a series of Covington blogs on cybersecurity policies, executive orders (“EOs”), and other actions of the new Trump Administration. This blog describes key cybersecurity developments that took place in April 2025.
NIST Publishes Initial Draft of Guidance for High Performance Computing Systems
U.S. National Institute of Standards and Technology
On May 19, 2025, Deputy Attorney General Todd Blanche issued a memorandum establishing a DOJ Civil Rights Fraud Initiative. The Initiative will use the False Claims Act (“FCA”) to “investigate and . . . pursue claims against any recipient of federal funds that knowingly violates federal civil rights laws.” Educational institutions, federal contractors, grantees, and
On April 20th, a bipartisan, bicameral group of lawmakers, including Senator Mark Kelly (D-Ariz.) and Senator Todd Young (R-Ind.) in the Senate and Representative John Garamendi (D-Calif.) and Representative Trent Kelly (R-Miss.) in the House, reintroduced the Shipbuilding and Harbor Infrastructure for Prosperity and Security for America Act of 2025 (the “SHIPS Act”
Last Monday, April 28, 2025, the House passed a bill titled Removing Our Unsecure Technologies to Ensure Reliability and Security (“ROUTERS”) Act (H.R. 866), which directs the Secretary of Commerce to study national security risks and cybersecurity vulnerabilities “posed by consumer routers, modems, and devices that combine a modem and router, that are
On Friday, May 2, the U.S. government announced further steps in its much-discussed plan to re-write the FAR by establishing a “Revolutionary FAR Overhaul” (“RFO”) website on Acquisition.gov, issuing written guidance to federal agencies, and releasing proposed revisions to FAR Part 1 – Federal Acquisition Regulation System and Part 34 – Major System Acquisition. This
On January 21, 2025, President Trump issued Executive Order 14173, titled “Ending Illegal Discrimination and Restoring Merit-Based Opportunity” (“EO 14173”), which, among other things, revoked Executive Order 11246 (“EO 11246”), a 60-year-old Civil Rights-era directive that prohibited federal contractors from discriminating on the basis of race, color, religion, sex, sexual orientation, gender identity, or