Less than 10 months after the issuance of its proposed rule, DoD has issued this final rule establishing the CMMC program.
DoD’s issuance of the final rule demonstrates the government’s continued commitment to...more
The Georgia Tech case serves as yet another reminder of the importance of contractor compliance with cybersecurity requirements in federal contracts.
The Government alleges that Georgia Tech failed to comply with the...more
The DoD takes yet another step towards full implementation of CMMC 2.0.
The proposed rule aims to implement many of the aspects of the Cybersecurity Maturity Model Certification program by amending the Department of...more
Sweden’s accession to NATO provides not only increased political stability in Northern Europe, but also presents significant opportunities to Swedish companies.
On March 7, 2024, after a nearly two-year delay, Sweden...more
The proposed rule requires contractors to make annual affirmations regarding their cybersecurity maturity, thus increasing their risk of False Claims Act Liability.
The proposed rule allows for limited use of Plans of...more
1/19/2024
/ Code of Federal Regulations (CFR) ,
Contractors ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
NIST ,
Proposed Rules ,
Security Controls ,
Subcontractors
The Federal Acquisition Regulation (FAR) Council has proposed two new cybersecurity rules that would impose significant obligations and risks for federal government contractors.
The proposed rules impose substantial cyber...more
11/16/2023
/ Civil Monetary Penalty ,
Corporate Counsel ,
Criminal Penalties ,
Cyber Incident Reporting ,
Cybersecurity ,
Department of Justice (DOJ) ,
DFARS ,
Duty to Indemnify ,
Executive Orders ,
FBI ,
Federal Contractors ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Sharing ,
Multi-Factor Authentication ,
New Rules ,
Policies and Procedures ,
Popular ,
Proposed Rules ,
Subcontracts
A new interim rule aimed at safeguarding the federal supply chain prohibits contractors from delivering or using covered articles and sources subject to exclusion or removal orders issued under the Federal Acquisition Supply...more
11/6/2023
/ Contractors ,
Cybersecurity ,
Disclosure Requirements ,
Due Diligence ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Interim Rule ,
NDAA ,
Reporting Requirements ,
Supply Chain ,
Waivers
The designation of new technology hubs is a major implementation milestone of the new Microelectronics Commons program, created by the CHIPS Act.
The Department of Defense (DoD) Microelectronics Commons program, created...more
The Department of Homeland Security amended its regulations due to the urgent need to protect Controlled Unclassified Information.
On June 21, 2023, the Department of Homeland Security (DHS or Department) issued a final...more
7/21/2023
/ Controlled Unclassified Information (CUI) ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Federal Contractors ,
Policies and Procedures
A seven-year long False Claims Act suit comes to an end after Aerojet Rocketdyne reaches a $9 million settlement agreement for its alleged false certification of compliance with cybersecurity requirements.
In the settlement...more
7/8/2022
/ Corporate Counsel ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
NIST ,
Popular ,
Settlement Agreements ,
Subcontractors ,
Summary Judgment ,
Supply Chain ,
Whistleblowers
A recent DoD memorandum should serve as a warning to contractors that they need to focus on cybersecurity compliance now or risk serious consequences.
A recent DoD memorandum should serve as a warning to contractors that...more
The Department of Defense has announced plans to suspend its current CMMC program and replace it with a streamlined process for achieving government contract cybersecurity compliance through “CMMC 2.0.”
The DoD announced...more
DOJ launches new initiative that promises to use the False Claims Act to combat cybersecurity threats by targeting government contractors who knowingly fail to comply with cybersecurity protocols.
The Civil Cyber-Fraud...more
10/26/2021
/ Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Justice (DOJ) ,
Executive Orders ,
False Claims Act (FCA) ,
Federal Contractors ,
Federal Grants ,
Fraud ,
Joe Biden ,
Popular ,
Safeguards Rule ,
Whistleblower Protection Policies
The legislation would require all federal contractors to report potential and actual cybersecurity incidents to the Department of Homeland Security.
The Act would impose a 24-hour reporting requirement on federal...more
7/28/2021
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Federal Contractors ,
FOIA ,
General Services Administration (GSA) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Penalties ,
Popular ,
Proposed Legislation ,
Reporting Requirements
President Biden’s new Executive Order to improve cybersecurity involves a particular focus on federal government and contractor systems.
President Biden’s Executive Order directs sweeping changes to cybersecurity...more
5/20/2021
/ Cybersecurity ,
Department of Homeland Security (DHS) ,
DFARS ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Information and Communication Technology (ICT) ,
Joe Biden ,
NIST ,
OMB ,
Popular ,
Supply Chain
The Executive Order is projected to increase the hourly wage paid to hundreds of thousands of Federal contractor employees.
President Biden issued an Executive Order raising to $15.00 per hour the minimum wage that Federal...more
The Department of Defense issued a final rule adding the National Industrial Security Program Operating Manual (NISPOM) to the Code of Federal Regulations (CFR) and making other changes relevant to contractors that access...more
Once CMMC has been rolled out, nearly all DoD contractors will need to be assessed by a third party for the issuance of a CMMC Certificate.
The Interim Rule provides for a phased rollout over five years for all contractors...more
- DoD has released the final version of the CMMC framework.
- DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more
2/4/2020
/ Bid Solicitation ,
Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Protection ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Popular ,
Subcontractors ,
Supply Chain
The Department of Defense (DoD) is planning to release Volume 1.0 of the Cyber Maturity Model Certification (CMMC) framework, which will affect the award and continued performance of all DoD contracts.
In response to the...more
12/16/2019
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Intellectual Property Protection ,
National Security ,
NIST ,
Request For Information ,
Self-Certification ,
Supply Chain ,
Training Requirements
GAO’s sustain rate dropped to 13 percent, the lowest level since Fiscal Year 2015.
Protest activity at the GAO decreased by 16 percent over the previous year....more
Recent GAO protest decision highlights the case law-derived exception to the “late is late” rule for responsibility-related proposal documents.
The FAR “late is late” rule requires rejection of untimely filed proposal...more
Court rules agencies must evaluate the realism of compensation in fixed-price professional services contracts.
An agency must evaluate the risk of whether an offeror’s proposed professional compensation is too low to...more
Government Accountability Office (GAO) protest decision casts doubt on the viability of pending proposals following government contract asset sales.
GAO held that agency reasonably disqualified contractor whose quotation...more
Several of the “Section 809” Panel’s recommendations would change the procurement landscape by significantly curtailing the bid protest process and limiting judicial review of procurement decisions.
The Section 809 Panel...more