Everyone Come to Play: Exploring FOCI Mitigation Instruments
Defense Dynamics: Navigating the Post-Election Landscape for the National Security Sector
Podcast - Navigating M&A Due Diligence: Safeguarding Security Clearances
Podcast - Change Condition Packages: Tips for Cleared Contractors
Podcast - Corporate Documents in the Context of Clearances
Navigating Personnel Security Clearances (PCLs)
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
What Is an FCL and How Do I Obtain One?
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Intellectual Property In Department of Defense Contracting
The When, Where, Why and How of CMMC with Fernando Machado
Podcast - The State of Contractor Cybersecurity with Katie Arrington
What Do the Newly Released CMMC 2.1 Documents Mean?
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
Cybersecurity for Government Contractors: Success Through Compliance Readiness
Overcoming the Inflation Crisis: The Ins and Outs of Inflation Relief for DOD Contractors
[Podcast] NSA Cybersecurity Services for Defense Contractors
Torres Talks Trade Podcast- Episode 2- Cybersecurity, the Department of Defense, and the Private Sector/Government Contracting
On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more
In recent years, the U.S. Department of Justice has ramped up its examination of cybersecurity compliance among federal contractors, with a particular focus on academic institutions....more
The Justice Department’s global settlement included a significant False Claims Act resolution, resulting in a second deferred prosecution agreement (“DPA”) for a three-year term. A criminal information was filed in the...more
Raytheon’s comprehensive settlement included FCPA violations and failures to make required disclosures to the Defense Department concerning fees and commissions. This portion of the settlement was filed in the Eastern...more
The Biden Administration on Oct. 24, 2024, issued a memorandum, "Advancing the United States' Leadership in Artificial Intelligence; Harnessing Artificial Intelligence to Fulfill National Security Objectives; and Fostering...more
Raytheon’s criminal conduct cut across a variety of topics — it is difficult to imagine but Raytheon’s misconduct occurred in separate parts of the company, involving violations of different laws. Like most cases, I always...more
The CMMC program is designed to ensure that federal contract information (“FCI”) and Controlled Unclassified Information (“CUI”) are sufficiently protected by government contractors. For example, the CMMC program requires...more
Raytheon Company (Raytheon) — a subsidiary of defense contractor, RTX (formerly known as Raytheon Technologies Corporation) — agreed to pay over $950 million to resolve the Justice Department’s investigations into: (i) a...more
The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more
The Department of Defense (DoD) published a Final Rule earlier this month formally implementing the Cybersecurity Maturity Model Certification (CMMC) Program. This Final Rule is the culmination of five years of work to...more
San Diego Physician and Medical Practice Pay $3.8 Million to Resolve FCA Allegations- San Diego-based physician Dr. Janette J. Gray and her former medical practice, The Center for Health & Wellbeing, agreed to pay $3.8...more
On September 30, the Department of Defense’s (DoD) Office of Strategic Capital (OSC) announced its first-ever Notice of Funding Availability (NOFA) to provide loans for technologies that are critical to US national and...more
Less than 10 months after the issuance of its proposed rule, DoD has issued this final rule establishing the CMMC program. DoD’s issuance of the final rule demonstrates the government’s continued commitment to...more
The U.S. Department of Defense (DOD) has published a Final Rule to implement the Cybersecurity Maturity Model Certification (CMMC) program, which establishes minimum cybersecurity requirements for nearly all DOD contracts....more
The U.S. Department of Defense (DOD) has long questioned whether contractors and their supply chains have been fully compliant with existing cybersecurity requirements aimed at protecting Controlled Unclassified Information...more
The U.S. Department of Defense's (DOD) Office of Strategic Capital (OSC) on Sept. 27, 2024, published a Notice of Funding Availability (NOFA) that would make up to $984 million in loans available for a range of projects that...more
On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more
Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more
Cybersecurity requirements for federal contractors and grantees continue to proliferate—and those requirements do not just come with contractual risk. Increasingly, the United States government is leveraging enforcement...more
The federal government's recent False Claims Act suit against Georgia Tech highlights the importance of complying with cybersecurity standards when working on federal contracts. This action signifies the U.S. Department of...more
The U.S. Department of Defense (DOD) issued the proposed Defense Federal Acquisition Regulation Supplement (DFARS) rules that will implement the Cybersecurity Maturity Model Certification (CMMC) program. These rules, which...more
The DoD takes yet another step towards full implementation of CMMC 2.0. The proposed rule aims to implement many of the aspects of the Cybersecurity Maturity Model Certification program by amending the Department of...more
The U.S. and the U.K. are focused on common national security risks, including preventing foreign access to key emerging technologies, the integrity of the defense supply chain, protection of critical infrastructure, and...more