CMMC Mission Readiness: Navigating Growth, Costs, and Competition for Defense Contractors
Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - The Role of Managed Service Providers with Stuart Itkin
The When, Where, Why and How of CMMC with Fernando Machado
Podcast - The State of Contractor Cybersecurity with Katie Arrington
What Do the Newly Released CMMC 2.1 Documents Mean?
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
Cybersecurity for Government Contractors: Success Through Compliance Readiness
Torres Talks Trade Podcast- Episode 2- Cybersecurity, the Department of Defense, and the Private Sector/Government Contracting
[Podcast] Cybersecurity Maturity Model Certification (CMMC) 2.0 – What Federal Contractors Need To Know
Compliance Into The Weeds - Retreat on DoD Cybersecurity for Contractors
Cybersecurity and 889 Compliance in 2021: What Government Contractors Need to Know
Marti Arvin and Anthony Buenger on the CMMC Framework
COVID-19’s Impact on Cybersecurity – Don’t Let Your Data Privacy, Security and Regulatory Compliance Waver
Government Contracts Cyber Café Series: Documentation - Straight Talk About CMMC
CMMC Is Coming: Are You Ready?
Government Contracts Cyber Café: 2019 Wrap Up and Privacy, CMMC, and GRC in 2020
South Korea has become one of the fastest-growing defense markets on the planet. Korea’s defense exports reached $15.4 billion in 2025, surging 60% year-on-year, driven largely by major contracts with Poland and other...more
The timing has rarely been better for Korean companies to pursue U.S. government contracts. The White House and the Republic of Korea signed a Technology Prosperity Deal MOU in October 2025 covering AI, semiconductors,...more
AI is now embedded in core defense mission systems, acquisition planning, and contract administration. The legal, compliance, and contractual risks that follow are fast-growing and consequential — capable of derailing...more
Recent developments in generative artificial intelligence (AI), exemplified by the release of Anthropic’s Claude Mythos Preview, have enhanced the automated detection and exploitation of software vulnerabilities....more
With all the noise and hype around Cybersecurity Maturity Model Certification (CMMC) compliance, it can be hard to track what practical steps an organization should take to ensure that it is still able to bid on government...more
A defense contractor scores itself at -142 on a cybersecurity self-assessment, then waits nearly a year — and a federal subpoena — before correcting the record. A genomics company sells sequencing systems riddled with...more
On January 5, 2026, the U.S. General Services Administration (GSA) released Revision 1 of its IT Security Procedural Guide, “Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations...more
The Trump Administration recently released its “Cyber Strategy for America” (Strategy) emphasizing modernization of federal networks, streamlined “common sense” regulation, and supply chain risk reduction across several...more
In every crisis, half the room runs in circles while the other half picks up a clipboard and starts taking stock. The Anthropic-Pentagon dispute is that crisis, and defense contractors are deciding which half they want to be...more
GSA MAS Refresh #31: Key Changes and Updates Every Contractor Should Know - The General Services Administration (GSA) announced back in January that Multiple Award Schedule (MAS) Solicitation 47QSMD20R0001 – Refresh # 31...more
Last month, the Department of Justice (DOJ) released its statistics for False Claims Act (FCA) enforcement during fiscal year 2025. Settlements and judgments exceeded a record-breaking $6.8 billion, and the DOJ recorded the...more
The Cybersecurity Maturity Model Certification (CMMC) is now a business reality for defense contractors—and how contractors respond will directly impact growth, pricing, and competitive positioning. With CMMC Phase 1 now...more
The landscape is shifting under the feet of government contractors as it is quickly becoming apparent that those who do not assess their security obligations now may be excluded from contract awards in the near future...more
Deregulation does not necessarily mean decreased enforcement. Even as the Trump administration has reduced federal regulations through executive orders and agency action, the U.S. Department of Justice (DOJ) continues to...more
“I felt a great disturbance in the Force, as if millions of voices suddenly cried out in terror and were suddenly silenced.” When Obi-Wan Kenobi says this in Star Wars: Episode IV – A New Hope, he senses that something...more
The U.S. General Services Administration (GSA) on January 5, 2026, quietly introduced a new cybersecurity compliance framework that will significantly reshape the information technology (IT) obligations of thousands of...more
Privacy and cybersecurity developments in 2025 were driven by ongoing regulatory development and enforcement. In the United States, federal and state authorities advanced detailed security, audit, and reporting frameworks....more
Hopefully, you have already read our prior post about the General Services Administration’s (GSA) updated guide (the Guide) for protecting Controlled Unclassified Information (CUI). We quote some Bob Dylan, provide a brief...more
On Dec. 18, 2025, the Department of Defense (DoD) issued deviations to over half of the Defense Federal Acquisition Regulation Supplement (DFARS) Parts, all of which became effective Feb. 1, 2026. Two days later, DoD issued a...more
For government contractors and subcontractors, particularly those in the defense sector, 2026 is shaping up to be a pivotal year. Legal developments, policy shifts, and regulatory announcements over the last year are...more
The Department of Justice (DOJ) recently announced that False Claims Act (FCA) settlements and judgments exceeded $6.8 billion in fiscal year 2025. This massive haul is the largest annual recovery in the statute’s storied...more
In January, the General Services Administration (GSA) continued to expand cybersecurity requirements across its contracting vehicles in a manner that shares key principles with the Department of Defense’s (DoD) Cybersecurity...more
Over the past decade, a vibrant defense‑innovation ecosystem has emerged across the U.S. and Europe, powered by venture‑backed defense tech startups, dual‑use technology companies, and commercial‑first innovators entering...more
In January, the General Services Administration’s (GSA) Office of the Chief Information Security Officer issued a new procedural guide, CIO-IT Security-21-112 Rev. 1, that sets expectations for protecting Controlled...more