On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more
4/28/2025
/ Compliance ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Government Agencies ,
New Guidance ,
NIST ,
Regulatory Requirements ,
Subcontractors ,
Supply Chain
As St. Patrick’s Day approaches, many of us are on the lookout for four-leaf clovers, a pot of gold, or perhaps even a mischievous leprechaun guarding his treasure. But in the world of government contracting, the real...more
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
1/17/2025
/ Compliance ,
Controlled Unclassified Information (CUI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Protection ,
Department of Defense (DOD) ,
DFARS ,
Employee Training ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NARA ,
NIST ,
Proposed Rules ,
Risk Management ,
Software ,
Subcontractors ,
Supply Chain ,
System For Award Management (SAM)
Over the course of the past few years, gallons of ink have been spilled addressing the seemingly ever-pending US Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) Program. After keeping us...more
Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more
9/5/2024
/ Chief Information Officers (CIO) ,
Compliance ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Information Technology ,
Relators ,
Risk Management ,
Whistleblowers
On May 14, 2024, the National Institute of Standards and Technology (NIST) dropped the third remix…er, revision…of its Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems...more
On December 26, 2023, the Department of Defense (“DoD”) belatedly gifted defense contractors and subcontractors a Proposed Rule on the Cybersecurity Maturity Model Certification (“CMMC”) Program. DoD also released eight CMMC...more
2/14/2024
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Proposed Rules ,
Risk Assessment ,
Risk Management ,
Subcontractors
On October 25, 2023, the Department of Defense (DoD) published a Proposed Rule amending the Department of Defense Federal Acquisition Regulation Supplement (DFARS) and permanently authorizing the DoD Mentor-Protégé Program...more
For just shy of a decade, the Defense Industrial Base (DIB) has had to operate under rules dictating the safeguarding of Controlled Unclassified Information, along with a strict 72-hour notification requirement if/when/should...more
Four memoranda, released in the last several business days, provide federal contracting officers guidance and suggested clauses to implement President Biden’s Executive Order 14042 (the Executive Order) in federal contracts...more
10/7/2021
/ Americans with Disabilities Act (ADA) ,
Coronavirus/COVID-19 ,
Department of Defense (DOD) ,
DFARS ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
General Services Administration (GSA) ,
Joe Biden ,
OMB ,
Reasonable Accommodation ,
Religious Exemption ,
Subcontractors ,
Vaccinations
When entering a casino, professional gamblers understand that “the house doesn’t beat the player. It just gives him the opportunity to beat himself.” This axiom is precisely why in the long run casinos make money, while...more
On April 8, 2020, the Department of Defense (“DoD”) issued a Class Deviation authorizing contracting officers to use a new cost principle – DFARS 231.205-79, CARES Act Section 3610 Implementation – to permit the reimbursement...more
So you want to acquire a government contractor? Makes sense, and you’re not alone. Over the past few years, the federal contracting landscape continues to evolve as a result of mergers and acquisitions (M&A), primarily...more
Cybersecurity. It’s never over, is it? In what can only be described as a “soft” release, the Department of Defense (DoD) has slowly and quietly begun to reveal its intent to provide federal contractors with formal...more
Cough…cough…ahem…cough… Any contractor who has had the misfortune of dealing with the Defense Contract Audit Agency (DCAA) likely knows all too well that the agency is the Will Rogers of costs – it never met a cost it didn’t...more
If you are aware of German Christmas folklore (and really, who isn’t?), you know that Belsnickel is a legendary companion of St. Nick who carries a switch with which to punish naughty children and a pocketful of sweets to...more