Less than 10 months after the issuance of its proposed rule, DoD has issued this final rule establishing the CMMC program.
DoD’s issuance of the final rule demonstrates the government’s continued commitment to...more
The DoD takes yet another step towards full implementation of CMMC 2.0.
The proposed rule aims to implement many of the aspects of the Cybersecurity Maturity Model Certification program by amending the Department of...more
Sweden’s accession to NATO provides not only increased political stability in Northern Europe, but also presents significant opportunities to Swedish companies.
On March 7, 2024, after a nearly two-year delay, Sweden...more
The proposed rule requires contractors to make annual affirmations regarding their cybersecurity maturity, thus increasing their risk of False Claims Act Liability.
The proposed rule allows for limited use of Plans of...more
1/19/2024
/ Code of Federal Regulations (CFR) ,
Contractors ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
NIST ,
Proposed Rules ,
Security Controls ,
Subcontractors
The designation of new technology hubs is a major implementation milestone of the new Microelectronics Commons program, created by the CHIPS Act.
The Department of Defense (DoD) Microelectronics Commons program, created...more
The Department of Homeland Security amended its regulations due to the urgent need to protect Controlled Unclassified Information.
On June 21, 2023, the Department of Homeland Security (DHS or Department) issued a final...more
7/21/2023
/ Controlled Unclassified Information (CUI) ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Federal Contractors ,
Policies and Procedures
A seven-year long False Claims Act suit comes to an end after Aerojet Rocketdyne reaches a $9 million settlement agreement for its alleged false certification of compliance with cybersecurity requirements.
In the settlement...more
7/8/2022
/ Corporate Counsel ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
NIST ,
Popular ,
Settlement Agreements ,
Subcontractors ,
Summary Judgment ,
Supply Chain ,
Whistleblowers
A recent DoD memorandum should serve as a warning to contractors that they need to focus on cybersecurity compliance now or risk serious consequences.
A recent DoD memorandum should serve as a warning to contractors that...more
The Department of Defense has announced plans to suspend its current CMMC program and replace it with a streamlined process for achieving government contract cybersecurity compliance through “CMMC 2.0.”
The DoD announced...more
The legislation would require all federal contractors to report potential and actual cybersecurity incidents to the Department of Homeland Security.
The Act would impose a 24-hour reporting requirement on federal...more
7/28/2021
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Federal Contractors ,
FOIA ,
General Services Administration (GSA) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Penalties ,
Popular ,
Proposed Legislation ,
Reporting Requirements
The Department of Defense issued a final rule adding the National Industrial Security Program Operating Manual (NISPOM) to the Code of Federal Regulations (CFR) and making other changes relevant to contractors that access...more
Once CMMC has been rolled out, nearly all DoD contractors will need to be assessed by a third party for the issuance of a CMMC Certificate.
The Interim Rule provides for a phased rollout over five years for all contractors...more
- DoD has released the final version of the CMMC framework.
- DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more
2/4/2020
/ Bid Solicitation ,
Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Protection ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Popular ,
Subcontractors ,
Supply Chain
The Department of Defense (DoD) is planning to release Volume 1.0 of the Cyber Maturity Model Certification (CMMC) framework, which will affect the award and continued performance of all DoD contracts.
In response to the...more
12/16/2019
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Intellectual Property Protection ,
National Security ,
NIST ,
Request For Information ,
Self-Certification ,
Supply Chain ,
Training Requirements
Several of the “Section 809” Panel’s recommendations would change the procurement landscape by significantly curtailing the bid protest process and limiting judicial review of procurement decisions.
The Section 809 Panel...more