Diversifying Your Contract Pipeline by Maximizing Opportunities through the DOD’s Mentor Protégé Program
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Podcast - The State of Contractor Cybersecurity with Katie Arrington
What Do the Newly Released CMMC 2.1 Documents Mean?
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
Compliance Into The Weeds - Retreat on DoD Cybersecurity for Contractors
Federal Contracting Overseas: Insider Tips for Ensuring Compliance with Host Country Laws
The U.S. Department of Defense (DoD) recently issued a memorandum signaling that defense contractors soon will be required to comply with new cybersecurity compliance requirements. The memorandum establishes...more
Recent changes in U.S. trade policy necessitate a thorough understanding of FAR and DFARS clauses related to cost recovery, duties and taxes....more
In a decisive move to stay ahead in an era of rapidly evolving digital threats, the Department of Defense (DOD) is accelerating its push for software modernization. The upcoming launch of the Software Fast Track (SWIFT)...more
On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more
In the current economic climate, the obvious focus of many companies is on the administration’s imposition of tariffs. However, government contractors, especially those contracting with the U.S. Department of Defense (“DoD”),...more
At the end of 2024, Senator Roger Wicker (R-MS) published a plan (“Restoring Freedom’s Forge: American Innovation Unleashed”) and introduced a bill (the Fostering Reform and Government Efficiency in Defense Act or FoRGED...more
U.S. Department of Defense (DOD) contractors with foreign ownership, control, or influence (FOCI) soon will face new requirements. Though cleared DOD contractors have long been bound by FOCI obligations, the new rule will...more
Pete Hegseth, during his Secretary of Defense (SECDEF) confirmation hearings, articulated several priorities that could have a significant impact on private industry in the United States. These priorities focused primarily on...more
On December 23, 2024, President Biden signed into law the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2025. The annual bill authorizes spending for the Department of Defense (DOD) while setting other...more
On December 18, 2024, the Senate passed the National Defense Authorization Act for Fiscal Year 2025 (NDAA), which the House of Representatives passed the previous week. President Biden is expected to sign the bill into law...more
WHAT: The U.S. Department of Defense (DOD) issued a proposed rule to implement Section 1655(a) and (c) of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019 (Pub. L. 115-232). The proposed rule would...more
The Department of Defense (DoD) published a Final Rule earlier this month formally implementing the Cybersecurity Maturity Model Certification (CMMC) Program. This Final Rule is the culmination of five years of work to...more
Concerns regarding the integrity of the U.S. defense industrial base supply chain continue to grow. Similar to national cybersecurity risks, national security risks to the defense supply chain are asymmetric and can arise at...more
In May 2024, the National Institute of Standards and Technology (NIST) published Special Publication 800-171 Rev 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, and the accompanying...more
The National Institute of Standards and Technology (NIST) released the third revision of its Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations." This...more
With ever-increasing threats from the Chinese Communist Party, recently exposed vulnerabilities in the United States' supply chain and decades of outsourcing that has left the defense and industrial base vulnerable, there is...more
On Jan. 11, the Department of Defense (DOD) released its first-ever National Defense Industrial Strategy (NDIS). The NDIS outlines a multifaceted approach to strengthen U.S. defense capabilities, innovation and global defense...more
The AbilityOne Program, established by the Javits-Wagner-O’Day (JWOD) Act in 1971, requires federal government agencies to procure certain products and services from community-based nonprofit agencies that employ individuals...more
Ongoing geopolitical developments such as Russia’s war in Ukraine and tensions between China and Taiwan have continued to fuel higher US military spending. The demand for military weapons is the strongest it has been in...more
Defense contractors and their subcontractors and supply chains that have been preparing for the challenge of complying with the Cybersecurity Maturity Model Certification (CMMC) recently received some welcome news from the...more
The Department of Defense (DOD) recently announced several changes to its Cybersecurity Maturity Model Certification program. The program applies to those who serve as contractors and suppliers to the DOD. As described in our...more
People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more
During the COVID-19 pandemic, governments across the globe have become increasingly involved in the private sector. State-owned enterprises have long been common in Asia, but the pandemic has increased their prominence in...more
On January 30, 2020, the U.S. Department of Defense (“DoD”) released Version 1.0 of its Cybersecurity Maturity Model Certification (“CMMC”) framework (CMMC overview here; CMMC Version 1.0 and appendices here). By 2026, DoD...more
January 2020 was a very important month for DOD’s Cybersecurity Maturity Model Certification (CMMC) initiative. Last week, on January 31, 2020, DOD issued CMMC “Version 1.0” to the public....more