Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Understanding FOCI Mitigation
Work This Way: A Labor & Employment Law Podcast - Episode 28: Construction Compliance with Joan Moore and Mim Munzel of The Arbor Consulting Group
False Claims Act Insights - If Everything Matters, Nothing Does: Parsing Materiality in FCA Disputes
Build America Buy America What is it? How to qualify.
Podcast - Navigating M&A Due Diligence: Safeguarding Security Clearances
Work This Way: A Labor & Employment Law Podcast - Episode 26: Compensation Compliance with Joan Moore and Mim Munzel of The Arbor Consulting Group
DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
An In-Depth Overview of the DCSA
Sustainable Procurement: A Closer Look at the New Federal Acquisition Regulation (FAR)
DE Under 3: Retirement of “Chevron Doctrine” Exposed Vulnerability of OFCCP’s Overreaching Interpretations of Some of its Rules
Legal Alert | Reign It In: Federal Court Enjoins DOL's Expansion of Davis-Bacon Coverage
Common Scenarios Triggering False Claims Act Violations, Part 3: Claims and Investigations
DE Under 3: OFCCP Must Shut Down its Administrative Court Prosecutions as a Result of SCOTUS’ SEC Jury Trial Case Decision
Common Scenarios Triggering False Claims Act Violations, Part 1: Gov. Contracts and Cybersecurity
DE Under 3: OFCCP’s New Revisions & Additions to its Construction Contractor Compliance Audit Tools
Clocking in with PilieroMazza: Second Chance Initiatives: Hiring Workers with Criminal Histories
DE Under 3: OFCCP VEVRAA Guidance Clarifies Protected Veteran “Benchmark for hiring” is Not a Hard Number Quota
AI Risks for Government Contractors: Navigating Disputes and Litigation
DE Under 3: OFCCP Changes Up Important Technical Details of its Audit Selection Process in First FY 2024 CSAL
The U.S. Department of Justice (DOJ) filed its first major complaint-in-intervention under the False Claims Act (FCA) premised on a government contractor’s alleged cybersecurity deficiencies since the DOJ’s Civil Cyber-Fraud...more
Cybersecurity Maturity Model Certification (CMMC) is coming — and now appears to be coming faster than many defense contractors believed. In the latest signal of CMMC’s forward momentum, the Department of Defense (DoD) issued...more
In this episode of "Regulatory Phishing," Government Contracts and Cybersecurity attorney Eric Crusius delves into the latest developments from the Cybersecurity Maturity Model Certification (CMMC) program, National Institute...more
The Georgia Tech case serves as yet another reminder of the importance of contractor compliance with cybersecurity requirements in federal contracts. The Government alleges that Georgia Tech failed to comply with the...more
Recently, the National Institute of Standards and Technology (NIST) released its second public draft of Digital Identity Guidelines (Draft Guidelines). The Draft Guidelines focus on online identity verification, but several...more
An unprecedented cyber qui tam action involving Georgia Tech’s alleged failure to comply with certain cybersecurity controls underscores the importance of having advanced cyber requirements for federal contractors. Our...more
On Thursday, August 22, 2024, the United States Department of Justice (“DOJ”) filed a Complaint-In-Intervention in the case of United States of America ex rel. Christopher Craig and Kyle Koza, v. Georgia Tech Research Corp....more
Late last week, the U.S. Department of Justice (DOJ) filed its complaint-in-intervention in a qui tam lawsuit against the Georgia Institute of Technology (Georgia Tech), alleging that the university failed to meet certain...more
As discussed in a previous post, in 2022, the Quantum Computing Cybersecurity Preparedness Act ordered an examination of federal administrative agencies' data cryptography to prepare for a future where quantum computing is...more
WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more
The Cybersecurity Maturity Model Certification (CMMC) Program has been a headache for many defense contractors since the idea was first introduced in 2019. The program seeks to protect unclassified information, including...more
The Department of Defense (DoD) is currently reviewing and adjudicating the public comments received in response to its proposed regulations implementing its Cybersecurity Maturity Model Certification 2.0 program (CMMC)....more
In May 2024, the National Institute of Standards and Technology (NIST) published Special Publication 800-171 Rev 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, and the accompanying...more
In May, the National Institute of Standards and Technology (NIST) issued updated recommendations for security controls for controlled unclassified information (CUI) that is processed, stored or transmitted by nonfederal...more
As we promised a trilogy in our earlier 2024 CMMC Blog – “Get Ahead of Compliance: The Proposed Rule for the Cybersecurity Maturity Model Certification (CMMC 2.0) Is Out!” – we continue our series with a discussion of each...more
7(a) Loan Approval for Borrowers with Unresolved COVID-19 Pandemic Loan Compliance Issues: On May 21, SBA’s OIG issued an inspection report assessing SBA’s 7(a) loan approval process for borrowers with unresolved pandemic...more
On May 14, 2024, the National Institute of Standards and Technology (NIST) dropped the third remix…er, revision…of its Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems...more
Earlier this month (on May 2, 2024) the Defense Department (DOD) issued Class Deviation—Safeguarding Covered Defense Information and Cyber Incident Reporting effective that day....more
The National Institute of Standards and Technology (NIST) released the third revision of its Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations." This...more
On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. The deviation relates to contractors’ compliance with...more
On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more
WHAT: On May 2, 2024, the U.S. Department of Defense (DOD) issued a Defense Federal Acquisition Regulation Supplement (DFARS) class deviation related to the cybersecurity standards required for covered contractor information...more
In March 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released the final version of its secure software development self-attestation common form (Form), requiring federal government contractors who...more
On February 19, 2024, the Department of Justice (“DOJ”) notified the U.S. District Court for the Northern District of Georgia that it would intervene in a False Claims Act (“FCA”) case filed against Georgia Tech Research...more
WHAT: The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published the final version of its Secure Software Development Attestation Common Form (Common Form) and announced...more