Less than 10 months after the issuance of its proposed rule, DoD has issued this final rule establishing the CMMC program.
DoD’s issuance of the final rule demonstrates the government’s continued commitment to...more
The Georgia Tech case serves as yet another reminder of the importance of contractor compliance with cybersecurity requirements in federal contracts.
The Government alleges that Georgia Tech failed to comply with the...more
The DoD takes yet another step towards full implementation of CMMC 2.0.
The proposed rule aims to implement many of the aspects of the Cybersecurity Maturity Model Certification program by amending the Department of...more
The proposed rule requires contractors to make annual affirmations regarding their cybersecurity maturity, thus increasing their risk of False Claims Act Liability.
The proposed rule allows for limited use of Plans of...more
1/19/2024
/ Code of Federal Regulations (CFR) ,
Contractors ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
NIST ,
Proposed Rules ,
Security Controls ,
Subcontractors
The Federal Acquisition Regulation (FAR) Council has proposed two new cybersecurity rules that would impose significant obligations and risks for federal government contractors.
The proposed rules impose substantial cyber...more
11/16/2023
/ Civil Monetary Penalty ,
Corporate Counsel ,
Criminal Penalties ,
Cyber Incident Reporting ,
Cybersecurity ,
Department of Justice (DOJ) ,
DFARS ,
Duty to Indemnify ,
Executive Orders ,
FBI ,
Federal Contractors ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Sharing ,
Multi-Factor Authentication ,
New Rules ,
Policies and Procedures ,
Popular ,
Proposed Rules ,
Subcontracts
A seven-year long False Claims Act suit comes to an end after Aerojet Rocketdyne reaches a $9 million settlement agreement for its alleged false certification of compliance with cybersecurity requirements.
In the settlement...more
7/8/2022
/ Corporate Counsel ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
NIST ,
Popular ,
Settlement Agreements ,
Subcontractors ,
Summary Judgment ,
Supply Chain ,
Whistleblowers
A recent DoD memorandum should serve as a warning to contractors that they need to focus on cybersecurity compliance now or risk serious consequences.
A recent DoD memorandum should serve as a warning to contractors that...more
President Biden’s new Executive Order to improve cybersecurity involves a particular focus on federal government and contractor systems.
President Biden’s Executive Order directs sweeping changes to cybersecurity...more
5/20/2021
/ Cybersecurity ,
Department of Homeland Security (DHS) ,
DFARS ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Information and Communication Technology (ICT) ,
Joe Biden ,
NIST ,
OMB ,
Popular ,
Supply Chain
Once CMMC has been rolled out, nearly all DoD contractors will need to be assessed by a third party for the issuance of a CMMC Certificate.
The Interim Rule provides for a phased rollout over five years for all contractors...more
The Department of Defense (DoD) is planning to release Volume 1.0 of the Cyber Maturity Model Certification (CMMC) framework, which will affect the award and continued performance of all DoD contracts.
In response to the...more
12/16/2019
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Intellectual Property Protection ,
National Security ,
NIST ,
Request For Information ,
Self-Certification ,
Supply Chain ,
Training Requirements