Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Understanding FOCI Mitigation
Work This Way: A Labor & Employment Law Podcast - Episode 28: Construction Compliance with Joan Moore and Mim Munzel of The Arbor Consulting Group
False Claims Act Insights - If Everything Matters, Nothing Does: Parsing Materiality in FCA Disputes
Build America Buy America What is it? How to qualify.
Podcast - Navigating M&A Due Diligence: Safeguarding Security Clearances
Work This Way: A Labor & Employment Law Podcast - Episode 26: Compensation Compliance with Joan Moore and Mim Munzel of The Arbor Consulting Group
DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
An In-Depth Overview of the DCSA
Sustainable Procurement: A Closer Look at the New Federal Acquisition Regulation (FAR)
DE Under 3: Retirement of “Chevron Doctrine” Exposed Vulnerability of OFCCP’s Overreaching Interpretations of Some of its Rules
Legal Alert | Reign It In: Federal Court Enjoins DOL's Expansion of Davis-Bacon Coverage
Common Scenarios Triggering False Claims Act Violations, Part 3: Claims and Investigations
DE Under 3: OFCCP Must Shut Down its Administrative Court Prosecutions as a Result of SCOTUS’ SEC Jury Trial Case Decision
Common Scenarios Triggering False Claims Act Violations, Part 1: Gov. Contracts and Cybersecurity
DE Under 3: OFCCP’s New Revisions & Additions to its Construction Contractor Compliance Audit Tools
Clocking in with PilieroMazza: Second Chance Initiatives: Hiring Workers with Criminal Histories
DE Under 3: OFCCP VEVRAA Guidance Clarifies Protected Veteran “Benchmark for hiring” is Not a Hard Number Quota
AI Risks for Government Contractors: Navigating Disputes and Litigation
DE Under 3: OFCCP Changes Up Important Technical Details of its Audit Selection Process in First FY 2024 CSAL
Cybersecurity Maturity Model Certification (CMMC) is coming — and now appears to be coming faster than many defense contractors believed. In the latest signal of CMMC’s forward momentum, the Department of Defense (DoD) issued...more
The US Department of Defense (DoD) has issued a new proposed rule for implementing the next iteration of the Cybersecurity Maturity Model Certification (CMMC) 2.0 program. This action drives forward the DoD’s plans to bolster...more
The Georgia Tech case serves as yet another reminder of the importance of contractor compliance with cybersecurity requirements in federal contracts. The Government alleges that Georgia Tech failed to comply with the...more
Recently, the National Institute of Standards and Technology (NIST) released its second public draft of Digital Identity Guidelines (Draft Guidelines). The Draft Guidelines focus on online identity verification, but several...more
Sequels are rarely better than the films that precede them, and yet, sometimes a story is just too compelling to be limited to just one film. At the tail end of a summer full of Hollywood sequels, the Department of Defense...more
Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more
Cybersecurity requirements for federal contractors and grantees continue to proliferate—and those requirements do not just come with contractual risk. Increasingly, the United States government is leveraging enforcement...more
On Thursday, August 22, 2024, the United States Department of Justice (“DOJ”) filed a Complaint-In-Intervention in the case of United States of America ex rel. Christopher Craig and Kyle Koza, v. Georgia Tech Research Corp....more
As the presidential race rages on, so too does the race to fully implement the Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The CMMC 2.0 program impacts Defense Industrial Base (DIB) contractors and...more
Late last week, the U.S. Department of Justice (DOJ) filed its complaint-in-intervention in a qui tam lawsuit against the Georgia Institute of Technology (Georgia Tech), alleging that the university failed to meet certain...more
On August 15, 2024, the Department of Defense (DOD) announced the much-anticipated Proposed Rule that would amend the Defense Federal Acquisition Regulation Supplement (DFARS) to include Cybersecurity Maturity Model...more
On August 15, 2024, the Department of Defense (DoD) published a proposed rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements related to the Cybersecurity...more
Last week, the U.S. Department of Defense (DoD) released a proposed amendment to the Defense Acquisition Regulations Supplement (DFARS) that would require a Cybersecurity Maturity Model Certification (CMMC) program to become...more
The U.S. Department of Defense (DOD) issued the proposed Defense Federal Acquisition Regulation Supplement (DFARS) rules that will implement the Cybersecurity Maturity Model Certification (CMMC) program. These rules, which...more
The United States Department of Defense (DoD) took another big step on the path to instituting its highly anticipated Cybersecurity Maturity Model Certification 2.0 program (CMMC 2.0). Once finalized, CMMC 2.0 will establish...more
The proposed rule to implement the Cybersecurity Maturity Model Certification (“CMMC”) program in the Defense Federal Acquisition Regulation Supplement (“DFARS”) was published in the Federal Register on August 15, 2024 and...more
WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more
On August 15, the Department of Defense (DoD) published a proposed rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements related to the proposed Cybersecurity...more
The Cybersecurity Maturity Model Certification (CMMC) Program has been a headache for many defense contractors since the idea was first introduced in 2019. The program seeks to protect unclassified information, including...more
Concerns regarding the integrity of the U.S. defense industrial base supply chain continue to grow. Similar to national cybersecurity risks, national security risks to the defense supply chain are asymmetric and can arise at...more
In May, the National Institute of Standards and Technology (NIST) issued updated recommendations for security controls for controlled unclassified information (CUI) that is processed, stored or transmitted by nonfederal...more
When hackers gain access to a subcontractor’s information systems and divert the prime contractor’s payment to themselves instead of to the subcontractor, does the prime contractor still have to pay the subcontractor?...more
On May 14, 2024, the National Institute of Standards and Technology (NIST) dropped the third remix…er, revision…of its Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems...more
Earlier this month (on May 2, 2024) the Defense Department (DOD) issued Class Deviation—Safeguarding Covered Defense Information and Cyber Incident Reporting effective that day....more
The National Institute of Standards and Technology (NIST) released the third revision of its Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations." This...more