Diversifying Your Contract Pipeline by Maximizing Opportunities through the DOD’s Mentor Protégé Program
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Podcast - The State of Contractor Cybersecurity with Katie Arrington
What Do the Newly Released CMMC 2.1 Documents Mean?
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
Compliance Into The Weeds - Retreat on DoD Cybersecurity for Contractors
Federal Contracting Overseas: Insider Tips for Ensuring Compliance with Host Country Laws
On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more
On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more
After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more
The Justice Department’s global settlement included a significant False Claims Act resolution, resulting in a second deferred prosecution agreement (“DPA”) for a three-year term. A criminal information was filed in the...more
The CMMC program is designed to ensure that federal contract information (“FCI”) and Controlled Unclassified Information (“CUI”) are sufficiently protected by government contractors. For example, the CMMC program requires...more
The Department of Defense (DoD) published a Final Rule earlier this month formally implementing the Cybersecurity Maturity Model Certification (CMMC) Program. This Final Rule is the culmination of five years of work to...more
The federal government's recent False Claims Act suit against Georgia Tech highlights the importance of complying with cybersecurity standards when working on federal contracts. This action signifies the U.S. Department of...more
The Inspector General (IG) for the U.S. Department of Defense (DOD) issued a report critical of recent efforts by contractors to protect Controlled Unclassified Information (CUI). The report, which followed the DOD IG's...more
Russian President Vladimir Putin issued Decree No. 302, “On Temporary Management Over Certain Assets,” on April 25, authorizing the Russian federal agency for state property management—or any governmental agency the president...more
Ongoing geopolitical developments such as Russia’s war in Ukraine and tensions between China and Taiwan have continued to fuel higher US military spending. The demand for military weapons is the strongest it has been in...more
On November 4, 2021, the U.S. Department of Defense (DoD) Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) announced Version 2.0 of the highly publicized Cybersecurity Maturity Model...more
The Department of Defense (DOD) recently announced several changes to its Cybersecurity Maturity Model Certification program. The program applies to those who serve as contractors and suppliers to the DOD. As described in our...more
Compliance into the Weeds is the only weekly podcast that takes a deep dive into a Compliance-related topic, literally going into the weeds to more fully explore a subject. In today's episode, Matt and I take a look at the...more
Key Takeaways: - Heightened Government Attention to Fraud Risk - The U.S. Government Accountability Office (GAO) recently released a report identifying ongoing vulnerabilities to fraud in the defense contracting sphere....more
People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more
The U.S. Department of Justice (DOJ) obtained a record $5.69 billion in settlements and judgments from civil cases involving fraud and false claims against the government in fiscal year 2014. This marks the first time the DOJ...more
The government has increasingly focused its FCPA enforcement firepower on individuals. On August 31, a Russian official living in Maryland pled guilty to conspiracy to commit money laundering in connection with arranging $2...more
On August 26, 2015, the Department of Defense (“DOD”) issued a White Paper announcing that, beginning in FY 2017, all defense contractors will be required to notify DOD before undertaking any new Independent Research and...more
A CD or not a CD, That is the Question… That the Auditors Should Have Answered - A headline-grabbing SEC enforcement action last week against BDO USA and several of its national partners may lead audit firms to insist on...more
Given the failure to enact comprehensive cybersecurity legislation last year, Congress included several targeted statutory provisions setting federal defense policy on a range of cybersecurity issues in the National Defense...more