Understanding FOCI Mitigation
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Podcast - The State of Contractor Cybersecurity with Katie Arrington
What Do the Newly Released CMMC 2.1 Documents Mean?
Season 2 Episode 5- Defense Trade Down Under
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] NSA Cybersecurity Services for Defense Contractors
Cybersecurity and 889 Compliance in 2021: What Government Contractors Need to Know
Marti Arvin and Anthony Buenger on the CMMC Framework
ITAR for Facility Security Officers
Jones Day Talks: Navigating Foreign Direct Investment in Germany
Bribery & Corruption in the Military. A Front-Line View (Part II)
Bribery & Corruption in the Military. A Front-Line View (Part I)
Cybersecurity Maturity Model Certification (CMMC) is coming — and now appears to be coming faster than many defense contractors believed. In the latest signal of CMMC’s forward momentum, the Department of Defense (DoD) issued...more
The federal government's recent False Claims Act suit against Georgia Tech highlights the importance of complying with cybersecurity standards when working on federal contracts. This action signifies the U.S. Department of...more
The United States Department of Defense (DoD) took another big step on the path to instituting its highly anticipated Cybersecurity Maturity Model Certification 2.0 program (CMMC 2.0). Once finalized, CMMC 2.0 will establish...more
The Cybersecurity Maturity Model Certification (CMMC) Program has been a headache for many defense contractors since the idea was first introduced in 2019. The program seeks to protect unclassified information, including...more
Concerns regarding the integrity of the U.S. defense industrial base supply chain continue to grow. Similar to national cybersecurity risks, national security risks to the defense supply chain are asymmetric and can arise at...more
As we promised a trilogy in our earlier 2024 CMMC Blog – “Get Ahead of Compliance: The Proposed Rule for the Cybersecurity Maturity Model Certification (CMMC 2.0) Is Out!” – we continue our series with a discussion of each...more
In 2023, the Department of Justice (DOJ) achieved a record-breaking number of recoveries under the False Claims Act (“FCA”), underscoring its ongoing commitment to combating fraud against the federal government. Government...more
The National Institute of Standards and Technology (NIST) released the third revision of its Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations." This...more
Current and future U.S. defense contractors, and entities interested in acquiring these contractors, should prepare for increased regulatory scrutiny of mergers and acquisitions (M&A) transactions. Congress is signaling that...more
On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more
The U.S. government recently intervened in a False Claims Act qui tam case against Georgia Tech Research Corporation, Georgia Institute of Technology, and Georgia Tech Research Institute for violations of NIST 800-171 for...more
With ever-increasing threats from the Chinese Communist Party, recently exposed vulnerabilities in the United States' supply chain and decades of outsourcing that has left the defense and industrial base vulnerable, there is...more
The US Department of Defense (DoD) has issued a proposed rule to implement its long-awaited Cybersecurity Maturity Model Certification program (CMMC 2.0). This proposed rule — released on December 26, 2023, and published in...more
On Jan. 11, the Department of Defense (DOD) released its first-ever National Defense Industrial Strategy (NDIS). The NDIS outlines a multifaceted approach to strengthen U.S. defense capabilities, innovation and global defense...more
In an era where digital threats are ever-evolving, ensuring the security of sensitive government data is paramount, especially for government contractors working on defense contracts. Join PilieroMazza’s Cy Alba and Daniel...more
Well, the wait is over. Just as 2023 came to a close, on December 26, 2023, the Department of Defense (“DoD”) published the much-anticipated Proposed Rule for the DoD’s Cybersecurity Maturity Model Certification (“CMMC”)...more
On December 26, the Department of Defense (DoD) published its long-awaited Cybersecurity Maturity Model Certification (CMMC) Program proposed rule, which places comprehensive cybersecurity and information security...more
The Department of Defense (DoD) delivered its proposed Cybersecurity Maturity Model Certification Program rule (CMMC) the day after Christmas this year, including several related guidance documents (listed here). The proposed...more
The Inspector General (IG) for the U.S. Department of Defense (DOD) issued a report critical of recent efforts by contractors to protect Controlled Unclassified Information (CUI). The report, which followed the DOD IG's...more
In this episode of "Regulatory Phishing," former U.S. Department of Defense Chief Information Security Officer (CISO) Katie Arrington joins Government Contracts and Cybersecurity attorney Eric Crusius to discuss the state of...more
In this episode of "Regulatory Phishing," government contracts and cybersecurity attorney Eric Crusius examines the newly released Cybersecurity Maturity Model Certification (CMMC) program documents. Mr. Crusius breaks down...more
In late November 2022, the Armed Services Board of Contract Appeals (ASBCA) ruled that the U.S. Government can mount a validation challenge against proprietary markings on commercial data developed exclusively at private...more
In this episode of "Regulatory Phishing," Eric Crusius is joined by Tom Tollerton, a partner with FORVIS, a Certified Third-Party Assessment Organization (C3PAO). In this episode, Eric and Tom discuss the role of the C3PAO in...more
Contractors that do business with the U.S. Department of Defense (DoD) and handle Controlled Unclassified Information (CUI) have been awaiting the issuance of a rule implementing the Cybersecurity Maturity Model Certification...more