WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more
8/16/2024
/ Controlled Unclassified Information (CUI) ,
Corporate Counsel ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Proposed Rules ,
Reporting Requirements
In May 2024, the National Institute of Standards and Technology (NIST) published Special Publication 800-171 Rev 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, and the accompanying...more
WHAT: On May 2, 2024, the U.S. Department of Defense (DOD) issued a Defense Federal Acquisition Regulation Supplement (DFARS) class deviation related to the cybersecurity standards required for covered contractor information...more
WHAT: The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published the final version of its Secure Software Development Attestation Common Form (Common Form) and announced...more
In this episode, Wiley partners Gary Ward, Tracye Howard, and Craig Smith examine the ongoing developments related to implementation of the Cybersecurity Maturity Model Certification (CMMC) program. They discuss the current...more
WHAT: On February 16, 2024, the U.S. Department of Defense (DOD) posted a 40-minute video overview of DOD’s proposed requirements for the Cybersecurity Maturity Model Certification (CMMC) program. The video is available here,...more
WHAT: The U.S. Department of Defense (DOD) has issued a proposed rule setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The proposed rule primarily...more
WHAT: The U.S. Department of Defense (DOD) has issued a proposed rule setting forth the requirements for its long-anticipated Cybersecurity Maturity Model Certification 2.0 (CMMC) program. The proposed rule primarily...more
WHAT: On December 13, 2023, the Department of Defense (DoD) proposed amendments to the National Industrial Security Program Operating Manual (NISPOM) that seek to address the public comments it received in response to its...more
WHAT: As we previously reported here, on October 3, 2023, the Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021...more
10/12/2023
/ Cloud Computing ,
Controlled Unclassified Information (CUI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
DFARS ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Information Technology ,
Internet of Things ,
Software ,
Subcontractors
WHAT: The Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021 Executive Order No. 14028 on Improving the Nation’s...more
WHAT: After previewing earlier this year that it was reconsidering its existing precedent, the Federal Circuit held yesterday that the requirement that contractors state a “sum certain” in claims brought under the Contract...more
WHAT: On May 5, 2023, the United States Court of Appeals for the Federal Circuit questioned its previous understanding that the requirement to state a “sum certain” as part of any monetary claim under the Contract Disputes...more
As Craig Smith and Gary Ward recently discussed in our latest Wiley Government Contracts podcast episode, “What to Expect in Government Contracts This Year,” Fiscal Year 2023 is shaping up to be an interesting year for GAO...more
WHAT: The United States Court of Appeals for the Federal Circuit has reversed Appeals of Raytheon Company, ASBCA Nos. 60061 et al, 21-1 BCA 37,796 (Feb. 1, 2021), which found Raytheon’s policies for tracking potentially...more
WHAT: The U.S. Government Accountability Office (GAO) released its Annual Report on Bid Protests for Fiscal Year (FY) 2022. Based on its reported data, GAO received fewer protests for the fifth year in a row. GAO’s sustain...more
Last November, the U.S. Department of Defense (DOD) announced sweeping changes to the Cybersecurity Maturity Model Certification (CMMC) program in a new “version 2.0.” Although we are still awaiting the interim regulations,...more
4/20/2022
/ Chief Information Officers (CIO) ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
DCMA ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Internet of Things ,
NIST ,
Popular ,
Risk Management ,
Third Party Assessment Organization (3PAO)
WHAT: At a recent Town Hall Meeting hosted by the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB), a Defense Contract Management Agency (DCMA) representative announced that DCMA will begin assessing...more
WHAT: In a decision released on February 4, 2022, the Court of Federal Claims (COFC) declined to follow the Government Accountability Office’s (GAO’s) rule that offerors are obligated to inform agencies when proposed key...more
WHAT: On December 7, 2021, the United States Court of Appeals for the Federal Circuit (Federal Circuit) issued a decision in Harmonia Holdings Grp., LLC v. United States, No. 2020-1538, preserving the waiver rule established...more
WHAT: On November 4, 2021, the U.S. Department of Defense (DOD) announced the completion of a months-long internal review and significant changes to the strategic direction of its Cybersecurity Maturity Model Certification...more
11/8/2021
/ Controlled Unclassified Information (CUI) ,
Corporate Counsel ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
NIST ,
Popular
It is hard to believe 2021 is in the back stretch. At the beginning of the year, we made predictions of what might come from the change in Administration in 2021. In this article, we take a look at what has happened in 2021...more
On May 12, the Biden Administration issued an Executive Order (EO) setting in motion an ambitious plan to rapidly strengthen the cybersecurity posture of the Federal government and its contractors, service providers, and...more
On May 12, 2021, President Biden issued the long-expected Executive Order on Improving the Nation’s Cybersecurity (“EO” or “Order”). The EO comes amidst a series of high-profile cyber-attacks on the Nation and its critical...more
5/13/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cyber Crimes ,
Cybersecurity ,
Executive Orders ,
Federal Contractors ,
Information Technology ,
National Security ,
Private Sector ,
Reporting Requirements ,
Supply Chain
Cybersecurity has been an increasingly important compliance area for government contractors for more than a decade. Over the past year, the U.S. Department of Defense (DOD) has been laying the foundation for a new...more