In June 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued draft updated guidance for public comment on the Minimum Elements for a Software Bill of Materials (SBOM), which the National Telecommunications and Information Administration (NTIA) first published in 2021 for federal agencies in response to Executive Order 14028 on Improving the Nation’s Cybersecurity. SBOMs provide those who produce, choose, and operate software with information that enhances their understanding of the software supply chain. Broadly, NTIA’s SBOM framework provides a standardized mechanism for recording software inventory and has become an increasingly critical part of securing the software supply chain at the component level. CISA’s updated guidance recognizes the rapid growth and distinct developments in the ecosystem, including SaaS in cloud environments and AI systems.

Continue reading the full GT Alert.

Tags: CISA, government contractors, GT Insight
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Eleanor M. Ross Eleanor M. Ross

Eleanor (Elle) Ross advises government contractors from a diverse range of industries on regulatory matters including compliance with government regulations, contract disputes, defense of claims, and government investigations. She litigates bid protests before the Court of Federal Claims and the Government Accountability Office.

Eleanor (Elle) Ross advises government contractors from a diverse range of industries on regulatory matters including compliance with government regulations, contract disputes, defense of claims, and government investigations. She litigates bid protests before the Court of Federal Claims and the Government Accountability Office. She advises clients in connection with an array of agreements and multi-award procurements, including challenging award decisions in a variety of fora.

Elle also counsels clients on federal and state compliance obligations, particularly in connection with cybersecurity (including CMMC and NIST requirements) and supply chain risk management practices. She works with clients to understand government regulations and to develop compliance plans and to implement those plans. She also assists with making mandatory and voluntary disclosures to federal agencies and represented clients in subsequent investigations and administrative proceedings. She manages sanctions proceedings against contractors, including cases alleging fraud and corruption.

Elle also represents clients in commercial contract disputes, both in mediation and in federal court.

Previously, Ms. Ross was a legal consultant to World Bank Office of Suspension and Debarment, where she reviewed cross-border investigations to determine contractor compliance with World Bank regulations.

Read more about Eleanor M. RossEleanor M.'s Linkedin Profile
Show more Show less
Photo of Cassidy Kim Cassidy Kim

Cassidy Kim focuses her practice on government contracts and procurement matters. Cassidy also advises clients on cybersecurity and privacy compliance issues. She has worked with clients operating in an array of industries to navigate these sectors of the law, including providers of critical…

Cassidy Kim focuses her practice on government contracts and procurement matters. Cassidy also advises clients on cybersecurity and privacy compliance issues. She has worked with clients operating in an array of industries to navigate these sectors of the law, including providers of critical government infrastructure solutions, enterprise cloud services, EdTech, and autonomous defense systems.

Cassidy advises clients on litigating bid protests and claims involving state and federal level government procurements, including before the Government Accountability Office, U.S. Court of Federal Claims, and the California Department of General Services. She also provides industry-specific counsel on the CCPA/CPRA, GDPR, NIST, and related privacy and cybersecurity matters. Cassidy has developed consumer-facing privacy disclosures, B2B data transfer agreements, and employee compliance procedures. She has also led strategy on responses to regulatory actions and advised on supply chain risk management practices.

Prior to Greenberg Traurig, Cassidy worked as counsel at the Federal Reserve Bank of San Francisco, where she managed negotiations and provided strategic advice on San Francisco Fed and other Federal Reserve System contracts and procurement efforts across core business groups.

Read more about Cassidy Kim
Show more Show less
Photo of Olivia Bellini Olivia Bellini

Olivia Bellini is a member of the Government Contracts Practice in Greenberg Traurig’s Northern Virginia office. She litigates pre-award and post-award bid protests before the Government Accountability Office and the Court of Federal Claims. She also assists in representations involving contracts disputes, and…

Olivia Bellini is a member of the Government Contracts Practice in Greenberg Traurig’s Northern Virginia office. She litigates pre-award and post-award bid protests before the Government Accountability Office and the Court of Federal Claims. She also assists in representations involving contracts disputes, and suspensions and debarments against federal agencies.

Olivia's Linkedin Profile
Show more Show less
Related Posts
Cyber Image
Proposed FAR CUI Rulemaking Nears Comment Deadline
March 13, 2025
Cyber Image
FAR Controlled Unclassified Information Rule Standardizes and Extends Cybersecurity Requirements to All Federal Contractors
January 27, 2025
GovernmentContracts_Proposal
Proposed Cyber Incident Reporting Requirements for DIB Contractors Under CIRCIA
June 26, 2024