Diversifying Your Contract Pipeline by Maximizing Opportunities through the DOD’s Mentor Protégé Program
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Podcast - The State of Contractor Cybersecurity with Katie Arrington
What Do the Newly Released CMMC 2.1 Documents Mean?
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
Compliance Into The Weeds - Retreat on DoD Cybersecurity for Contractors
Federal Contracting Overseas: Insider Tips for Ensuring Compliance with Host Country Laws
At the end of 2024, Senator Roger Wicker (R-MS) published a plan (“Restoring Freedom’s Forge: American Innovation Unleashed”) and introduced a bill (the Fostering Reform and Government Efficiency in Defense Act or FoRGED...more
Amid ongoing policy shifts in Washington, the federal government’s interest in pursuing civil cyber-fraud cases appears to be here to stay. In October 2021, the Department of Justice (DOJ) initiated its Civil Cyber-Fraud...more
Pete Hegseth, during his Secretary of Defense (SECDEF) confirmation hearings, articulated several priorities that could have a significant impact on private industry in the United States. These priorities focused primarily on...more
On December 18, 2024, the Senate passed the National Defense Authorization Act for Fiscal Year 2025 (NDAA), which the House of Representatives passed the previous week. President Biden is expected to sign the bill into law...more
Designed for busy in-house counsel, compliance professionals, and anti-corruption lawyers, this newsletter summarizes some of the most important international anti-corruption law and enforcement developments from the past...more
On October 11, 2024, the United States Department of Defense (DOD) published a final rule implementing its Cybersecurity Maturity Model Certification (CMMC) program, which is designed to verify that defense contractors are...more
The Inspector General (IG) for the U.S. Department of Defense (DOD) issued a report critical of recent efforts by contractors to protect Controlled Unclassified Information (CUI). The report, which followed the DOD IG's...more
Russian President Vladimir Putin issued Decree No. 302, “On Temporary Management Over Certain Assets,” on April 25, authorizing the Russian federal agency for state property management—or any governmental agency the president...more
The Department of Justice recently announced the launch of a Civil Cyber-Fraud Initiative, which has direct implications for government contractors and serves as a warning that slack cybersecurity practices will be a target...more
With the announcement of a revamped Cybersecurity Maturity Model Certification (known as CMMC 2.0),1 for the third time in five years, the U.S. Department of Defense (DOD) announced new, comprehensive cybersecurity standards...more
Compliance into the Weeds is the only weekly podcast that takes a deep dive into a Compliance-related topic, literally going into the weeds to more fully explore a subject. In today's episode, Matt and I take a look at the...more
The world is awash in data, and the amount of data continues to grow at an astounding rate. According to some estimates, global data storage will amount to more than 200 zettabytes by 2025. When you consider that one...more
During the COVID-19 pandemic, governments across the globe have become increasingly involved in the private sector. State-owned enterprises have long been common in Asia, but the pandemic has increased their prominence in...more
The Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.204-7008 and 252.204-7012 require defense contractors who possess, store or transmit “covered defense information” to comply with the security requirements...more
When the National Security Agency (NSA) and the Federal Bureau of Investigations (FBI) get together to issue a joint warning, you may wish to listen up....more
Federal district courts around the country continue to grapple with how to analyze “no-poach” agreements — whereby two or more companies agree not to hire or recruit each other’s workers — under the antitrust laws. Beginning...more
On January 30, 2020, the U.S. Department of Defense (“DoD”) released Version 1.0 of its Cybersecurity Maturity Model Certification (“CMMC”) framework (CMMC overview here; CMMC Version 1.0 and appendices here). By 2026, DoD...more
- DoD has released the final version of the CMMC framework. - DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more
On January 30, the US Department of Defense (DoD) released version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) framework, which will require DoD contractors and subcontractors to obtain third-party...more
2019 has been a year of pivotal developments for defense contractors in the realm of cybersecurity compliance. The Department of Defense (DoD) issued six guidance memoranda to assist its acquisition personnel in developing...more
The U.S. Department of Defense (DOD) is forging ahead in its plan to adopt a new framework for cybersecurity, with significant ramifications for all defense contractors, including subcontractors. On November 8, 2019, DOD...more
In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant...more
Earlier this year, Assistant Secretary of Defense for Acquisition & Logistics Kevin Fahey announced that the Department of Defense (“DoD”) was working with Carnegie Mellon University and Johns Hopkins Applied Physics...more
As we reported last month, the Department of Defense (DoD) has been engaging in an unusual rollout of its new cybersecurity certification program by way of road tours—led by Katie Arrington, the Special Assistant to the...more
The defense contractor community is buzzing about a recent announcement by Katie Arrington, the Special Assistant to the Assistant Secretary of Defense for Acquisition for Cybersecurity. The announcement? The costs of...more