News & Analysis as of July 15, 2025

Federal Contractors

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

Trump Reverses Key Biden-Era Cyber Directives: Important Updates to Federal Cybersecurity Priorities

Quarles & Brady LLP on 7/1/2025

Earlier this month, President Trump issued an Executive Order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), which amends both Biden...more

Building the Cyber Fortress: New Cybersecurity Executive Order Targets Quantum, AI, and Supply Chain Security

McCarter & English Blog: Government Contracts... on 6/16/2025

On June 6, 2025, President Trump issued a new executive order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), signaling the construction...more

Cyber Risk, Real Consequences: DOJ Steps Up Enforcement

Dickinson Wright on 5/22/2025

Government efforts to enforce cybersecurity control requirements have moved forward in the opening months of the Trump administration. Regardless of the changes coming to other areas of contracting and the Federal Acquisition...more

GSA Announces Overhaul of FedRAMP with Emphasis on Industry Input and Automation

Holland & Knight LLP on 4/8/2025

The U.S. General Services Administration (GSA) recently announced plans to develop the Federal Risk and Authorization Management Program (FedRAMP) 20x – a new approach to the government-wide program for the security...more

DOD Mandates Use of Software Acquisition Pathway for Software Development Procurements

Wiley Rein LLP on 3/26/2025

WHAT: Department of Defense (DOD) Secretary Pete Hegseth issued a memorandum titled “Directing Modern Software Acquisition to Maximize Lethality” that is intended to reform DOD’s procurement involving software development....more

FAR Council Unveils Long-Anticipated Rule for Controlled Unclassified Information

Wiley Rein LLP on 1/29/2025

WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more

DOJ Continues Crackdown on Cybersecurity Compliance with $1.25M FCA Settlement

Wiley Rein LLP on 10/29/2024

The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more

Federal Cybersecurity Requirements Ought Not Be Ignored by Contractors

Troutman Pepper Locke on 10/9/2024

Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more

New Rule Requires Defense Contractors to Meet Cybersecurity Standards

Harris Beach Murtha PLLC on 9/30/2024

The Office of Information and Regulatory Affairs (OIRA) recently cleared the final rule for the U. S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program, putting the agency one step closer to...more

DOJ Went Down to Georgia: Lessons Learned from Recent Cybersecurity Enforcement Actions

McCarter & English Blog: Government Contracts... on 9/5/2024

Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more

NIST Releases Three Post-Quantum Cryptography Standards

Holland & Knight LLP on 8/20/2024

As discussed in a previous post, in 2022, the Quantum Computing Cybersecurity Preparedness Act ordered an examination of federal administrative agencies' data cryptography to prepare for a future where quantum computing is...more

FedRAMP Rewritten: OMB Publishes Guidance with FedRAMP’s Updated Vision, Scope and Governance Structure

BakerHostetler on 8/13/2024

To dramatically scale up the Modernizing the Federal Risk and Authorization Management Program (FedRAMP) marketplace, the Office of Management and Budget (OMB) has completely rewritten FedRAMP’s vision, scope and governance...more

Data, Deals, and Diplomacy: How the Bulk Data Executive Order Will Shape Future Contracts and Security Practices

Sheppard Mullin Richter & Hampton LLP on 6/27/2024

For companies in the U.S. that hold certain personal data and U.S. Government-related data, rules stemming from recent Executive Order (“EO”) 14117 on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United...more

CISA Unveils Final Self-Attestation Form for Software Producers Bidding on Federal Contracts

PilieroMazza PLLC on 5/1/2024

In March 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released the final version of its secure software development self-attestation common form (Form), requiring federal government contractors who...more

CISA Cyber Incident Reporting for Critical Infrastructure Will Significantly Impact Government Contractors, Suppliers, and Service...

Sheppard Mullin Richter & Hampton LLP on 4/9/2024

The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the...more

“FAR” Reaching Consequences: Proposed FAR Cybersecurity Requirements Will Add New Obligations for Contractors

Paul Hastings LLP on 10/25/2023

Earlier this month the Federal Acquisition Regulation (“FAR”) Council released two draft rules which would impose new cybersecurity requirements for federal contractors. The proposed rules, Cyber Threat and Incident Reporting...more

Update: FAR Council Proposes Pair of Major Cybersecurity Rules for Government Contracts

Wiley Rein LLP on 10/12/2023

WHAT: As we previously reported here, on October 3, 2023, the Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021...more

Interim Rule Effective in December Establishes Requirements for Contractors to Remove Identified Products and Services from the...

Sheppard Mullin Richter & Hampton LLP on 10/12/2023

On October 5, 2023, the FAR Council released an Interim Rule on “Implementation of Federal Acquisition Supply Chain Security Act (FASCSA) Orders.” The Interim Rule implements requirements from Section 202 of the Federal...more

The FAR Council’s Proposed Cybersecurity Overhaul: Lots Of Questions, But Only Some Answers

Morrison & Foerster LLP - Government... on 10/9/2023

In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more

New Cybersecurity FAR Rules Poised to Have a Major Impact on Contractors

Holland & Knight LLP on 10/5/2023

The Federal Acquisition Regulatory (FAR) Council on Oct. 3, 2023, issued two proposed rules to partially implement President Biden's Executive Order on Improving the Nation's Cybersecurity. The first proposed rule imposes...more

U.S. government bans the use of TikTok under government contracts

Hogan Lovells on 6/13/2023

On June 2, 2023, the U.S. Government issued an interim rule that bans the use of the popular social media application, TikTok, from government contracting. The Department of Defense (DoD), General Services Administration...more

NIST Releases Initial Public Draft of NIST SP 800-171, Revision 3 for Protection of Sensitive Government Information

Sheppard Mullin Richter & Hampton LLP on 5/26/2023

The National Institute of Standards and Technology (NIST) has released an initial public draft of NIST SP 800-171, Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. Compliance...more

[Webinar] CMMC – Practical Solutions to Managing and Securing CUI Data, Perspectives of a Foreign Defense Contractor - November...

Ankura on 11/2/2022

Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more

OMB Renews Commitment to EO14028 by Requiring SSDF Compliance in Federal Software Acquisition

Ankura on 10/26/2022

On September 14, 2022, the Office of Management and Budget (OMB) issued much-anticipated guidance on the implementation of Secure Software Development Framework (SSDF) requirements for contractors (The “Guidance Memo”)...more

Federal Government Outlines New Security and Attestation Requirements for Software

Sheppard Mullin Richter & Hampton LLP on 9/29/2022

Per Executive Order 14028, Improving the Nation’s Cybersecurity, the Office of Management and Budget (OMB) issued a memorandum on September 14, 2022 requiring federal agencies to only use software from software producers that...more

55 Results

View per page

Page: of 3

Cybersecurity › Information Technology › Federal Contractors

"My best business intelligence, in one easy email…"