Understanding FOCI Mitigation
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Podcast - The State of Contractor Cybersecurity with Katie Arrington
What Do the Newly Released CMMC 2.1 Documents Mean?
Season 2 Episode 5- Defense Trade Down Under
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] NSA Cybersecurity Services for Defense Contractors
Cybersecurity and 889 Compliance in 2021: What Government Contractors Need to Know
Marti Arvin and Anthony Buenger on the CMMC Framework
ITAR for Facility Security Officers
Jones Day Talks: Navigating Foreign Direct Investment in Germany
Bribery & Corruption in the Military. A Front-Line View (Part II)
Bribery & Corruption in the Military. A Front-Line View (Part I)
Cybersecurity Maturity Model Certification (CMMC) is coming — and now appears to be coming faster than many defense contractors believed. In the latest signal of CMMC’s forward momentum, the Department of Defense (DoD) issued...more
The United States Department of Defense (DoD) took another big step on the path to instituting its highly anticipated Cybersecurity Maturity Model Certification 2.0 program (CMMC 2.0). Once finalized, CMMC 2.0 will establish...more
The Cybersecurity Maturity Model Certification (CMMC) Program has been a headache for many defense contractors since the idea was first introduced in 2019. The program seeks to protect unclassified information, including...more
U.S. Attorney Nikolas P. Kerest recently highlighted the severity of fraud by government contractors and subcontractors, emphasizing the importance of upholding the integrity of government procurement programs. These remarks...more
As we promised a trilogy in our earlier 2024 CMMC Blog – “Get Ahead of Compliance: The Proposed Rule for the Cybersecurity Maturity Model Certification (CMMC 2.0) Is Out!” – we continue our series with a discussion of each...more
On February 15, 2024, the Department of Defense (DOD) issued a final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to implement Executive Order (EO) 14005, Ensuring the Future Is Made in All of...more
With ever-increasing threats from the Chinese Communist Party, recently exposed vulnerabilities in the United States' supply chain and decades of outsourcing that has left the defense and industrial base vulnerable, there is...more
Aerospace, defense, and security businesses are subject to a myriad of regulations and operational requirements that are constantly changing. These include things like SBA rules for credit for small businesses and...more
The US Department of Defense (DoD) has issued a proposed rule to implement its long-awaited Cybersecurity Maturity Model Certification program (CMMC 2.0). This proposed rule — released on December 26, 2023, and published in...more
In this series of articles, we explore the different certification requirements of CMMC Level 1, 2 and 3, the impact on contractors and external service providers, and proposed next steps... On December 26, 2023, the US...more
PAE Applied Technologies LLC and the United States Department of the Navy find themselves entangled in a contentious contract dispute that has reached a critical point. The Navy has taken a proactive approach by filing a...more
The Department of Defense (DoD) delivered its proposed Cybersecurity Maturity Model Certification Program rule (CMMC) the day after Christmas this year, including several related guidance documents (listed here). The proposed...more
The U.S. Department of Defense (DOD) has finalized a proposed rule authorizing the acquisition of commercial products and services using general solicitation competitive procedures known as a "commercial solutions opening"...more
The FY2023 James M. Inhofe National Defense Authorization Act (FY2023 NDAA) included several important provisions for government contractors. We described several of those important FY2023 NDAA provisions in a presentation...more
The Department of Defense (DOD) has proposed an updated rule in the Defense Federal Acquisition Regulation Supplement (DFARS) to increase Buy American Act content thresholds for federal government contractors under DOD...more
The Federal Acquisition Regulatory Council (FAR Council) announced it was preparing a proposed rule to standardize cybersecurity requirements for unclassified Federal Information Systems across federal agencies in accordance...more
The Department of Defense recently released new guidance regarding cybersecurity regulations for all defense contractors. A new clause in the Defense Federal Acquisition Regulations Supplement, added on Sept. 17, 2017, DFARS...more
The Federal Acquisition Regulation and, likewise, the DFARS, distinguish “commercial” from “non-commercial” by generally defining a “commercial” item or service as that which is of a type customarily used by the general...more
Amid the 4,000 pages of provisions in the recently enacted Fiscal Year 2023 National Defense Authorization Act (NDAA) are prohibitions and associated requirements relating to the federal procurement of certain Chinese...more
On October 26, 2022, John M. Tenaglia, Principal Director, Defense Pricing and Contracting, issued Class Deviation 2023-O0001 to direct contracting officers to use alternate procedures to verify small business joint venture...more
With the announcement of a revamped Cybersecurity Maturity Model Certification (known as CMMC 2.0),1 for the third time in five years, the U.S. Department of Defense (DOD) announced new, comprehensive cybersecurity standards...more
The Contract Disputes Act allows contractors seeking payment of a claim arising from a contract with the federal government six years from the date it accrued to submit the claim to the contracting officer. Failure to do so...more
After months of review, on November 4, 2021, the Department of Defense (DoD) finally unveiled its new version of the Cybersecurity Maturity Model Certification (CMMC 2.0). Well, almost. In a blink-and-you’ll-miss-it moment,...more
As we previously reported, Section 818 of the National Defense Authorization Act for Fiscal Year 2018 (2018 NDAA) required the Department of Defense (DOD) to issue new regulations to establish more detailed and comprehensive...more
A. Introduction and Key Take-Aways - The Department of Defense’s (DOD) Cybersecurity Maturity Model Certification (CMMC) program provides a metric for independent third parties to use in assessing and certifying the...more