News & Analysis as of

Cybersecurity Compliance DFARS

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
McCarter & English Blog: Government Contracts...

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Morgan Lewis

Regulatory Shifts in Aerospace and Defense: What Businesses Need to Know as 2025 Takes Flight

Morgan Lewis on

The aerospace and defense industry is facing a rapidly shifting legal landscape in 2025, shaped by regulatory updates, enforcement trends, and geopolitical considerations. With increased scrutiny on foreign investments,...more

Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Sheppard Mullin Richter & Hampton LLP

At Long Last – The FAR CUI Rule is Here! 

Sheppard Mullin Richter & Hampton LLP on

The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more

Jenner & Block

Client Alert: FAR Council Issues Long-Awaited Proposed Rule to Implement Controlled Unclassified Information Program

Jenner & Block on

On January 15, 2025, the Department of Defense (DOD), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) (collectively, “the FAR Council”) issued a long-anticipated proposed...more

McCarter & English Blog: Government Contracts...

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

Sheppard Mullin Richter & Hampton LLP

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

Health Care Compliance Association (HCCA)

Penn State, GA Tech Cybersecurity Cases Join 10 Others FCA Attorney Has Under Seal

Health Care Compliance Association (HCCA) on

Note to research compliance officials still digesting news of Pennsylvania State’s recent $1.25 million settlement over False Claims Act (FCA) allegations related to cybersecurity and the government’s recent intervention in a...more

Vinson & Elkins LLP

DoD Releases Final CMMC Program Rule, Formally Initiating Its Cybersecurity Program

Vinson & Elkins LLP on

On October 15, 2024, the Department of Defense (“DoD”) released its final rule (the “Final Rule”) formally establishing the Cybersecurity Maturity Model Certification (“CMMC”) program, nearly three years after first...more

Bass, Berry & Sims PLC

DoD Announces Cybersecurity Maturity Model Certification 2.0 Final Rule (Finally!)

Bass, Berry & Sims PLC on

After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more

Wiley Rein LLP

DOJ Continues Crackdown on Cybersecurity Compliance with $1.25M FCA Settlement

Wiley Rein LLP on

The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more

Snell & Wilmer

Department of Defense Finalizes Rule Adding New Cybersecurity Requirements for Defense Contractors and Subcontractors

Snell & Wilmer on

The U.S. Department of Defense (DOD) has published a Final Rule to implement the Cybersecurity Maturity Model Certification (CMMC) program, which establishes minimum cybersecurity requirements for nearly all DOD contracts....more

Holland & Knight LLP

15 Key Takeaways from the Final CMMC Program Rule Issued by DOD

Holland & Knight LLP on

The U.S. Department of Defense (DOD) has long questioned whether contractors and their supply chains have been fully compliant with existing cybersecurity requirements aimed at protecting Controlled Unclassified Information...more

Pillsbury Winthrop Shaw Pittman LLP

U.S. Government Intervenes in Georgia Tech Cybersecurity False Claims Case

Pillsbury Winthrop Shaw Pittman LLP on

The Georgia Tech case serves as yet another reminder of the importance of contractor compliance with cybersecurity requirements in federal contracts. The Government alleges that Georgia Tech failed to comply with the...more

McCarter & English Blog: Government Contracts...

DOJ Went Down to Georgia: Lessons Learned from Recent Cybersecurity Enforcement Actions

McCarter & English Blog: Government Contracts... on

Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more

Dorsey & Whitney LLP

DOJ on Campus: DOJ’s First Intervention in False Claims Act Case Alleging University Knowingly Failed to Meet Contractual...

Dorsey & Whitney LLP on

Cybersecurity requirements for federal contractors and grantees continue to proliferate—and those requirements do not just come with contractual risk. Increasingly, the United States government is leveraging enforcement...more

Alston & Bird

Department of Justice Intervenes in Cybersecurity Qui Tam Action Against Georgia Tech

Alston & Bird on

On Thursday, August 22, 2024, the United States Department of Justice (“DOJ”) filed a Complaint-In-Intervention in the case of United States of America ex rel. Christopher Craig and Kyle Koza, v. Georgia Tech Research Corp....more

Holland & Knight LLP

DOJ Brings Suit Against University Under Its Civil Cyber-Fraud Initiative

Holland & Knight LLP on

Late last week, the U.S. Department of Justice (DOJ) filed its complaint-in-intervention in a qui tam lawsuit against the Georgia Institute of Technology (Georgia Tech), alleging that the university failed to meet certain...more

Holland & Knight LLP

The Pentagon's CMMC Program Takes a Big Step Forward

Holland & Knight LLP on

The U.S. Department of Defense (DOD) issued the proposed Defense Federal Acquisition Regulation Supplement (DFARS) rules that will implement the Cybersecurity Maturity Model Certification (CMMC) program. These rules, which...more

McDermott Will & Emery

DoD Issues Proposed DFARS Rule to Implement CMMC 2.0

McDermott Will & Emery on

The US Department of Defense (DoD) took the next step in implementing the Cybersecurity Maturity Model Certification (CMMC) Program on August 15, 2024, when it issued a Proposed Rule to amend the Defense Federal Acquisition...more

WilmerHale

8 Questions To Ask Before Final CISA Breach Reporting Rule

WilmerHale on

On April 4, the Cybersecurity and Infrastructure Security Agency published a notice of proposed rulemaking setting out mandatory reporting requirements for covered entities that experience cybersecurity incidents or make...more

Mayer Brown

US DoD Issues Class Deviation Delaying DFARS Implementation of Upcoming NIST SP 800-171, Revision 3

Mayer Brown on

On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. The deviation relates to contractors’ compliance with...more

Oberheiden P.C.

Defense Department Looks to Update DFARS Cybersecurity Compliance Requirements

Oberheiden P.C. on

Over the holidays, the U.S. Department of Defense (DoD) issued proposed rules for updating its Cybersecurity Maturity Model Certification (CMMC) program from its existing Defense Acquisition Regulatory Supplement (DFARS)...more

Holland & Knight LLP

Department of Defense Releases Long-Awaited CMMC Proposed Rule

Holland & Knight LLP on

Two years after announcing the second iteration of the U.S. Department of Defense's (DoD) Cybersecurity Maturity Model Certification (CMMC) program, the DoD released its proposed rule that, if adopted, will implement the...more

Sheppard Mullin Richter & Hampton LLP

Update – DOJ Declines to Intervene in Penn State Cyber-Related FCA Case

Sheppard Mullin Richter & Hampton LLP on

A few weeks ago, we discussed two recent cyber-related False Claims Act (FCA) cases. One of those cases is a qui tam lawsuit against Penn State and, as of the date of our article, we were waiting to see if DOJ would opt to...more

43 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide