Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Intellectual Property In Department of Defense Contracting
Additional Compensation from the Government: A Brief Comparison of REAs and Claims
Webinar: Trademarks and Government Contracting
Buy American: What Government Contractors Need to Know
Federal Contracting Overseas: Insider Tips for Ensuring Compliance with Host Country Laws
Navigating the FAR/DFARS: The Most Confusing and Little Known Clauses
Government Contracts Cyber Café: 2019 Wrap Up and Privacy, CMMC, and GRC in 2020
The Government Contracts Cyber Café: Recent Developments Update
Government Contracts Cyber Café Series: An Inside Look at DFARS Compliance Data
Government Contracts Cyber Café - Crisis Management: Beyond Compliance
Federal Cybersecurity Requirements
The Department of Defense (DoD) recently issued a memo titled, "Implementing the Cybersecurity Maturity Model Certification (CMMC) Program: Guidance for Determining Appropriate CMMC Compliance Assessment Levels and Process...more
The recently passed National Defense Authorization Act (NDAA or Act) for Fiscal Year 2025 addresses recurring areas of focus relevant to defense contracting, including supply chain risks related to China, organizational...more
To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more
On October 15, 2024, the Department of Defense (“DoD”) published the final version of its Cybersecurity Maturity Model Certification (“CMMC”) rule in Title 32 of the Code of Federal Regulations (the “Final Rule”). (Reminder,...more
On August 15, 2024, the Department of Defense (DoD) published a proposed rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements related to the Cybersecurity...more
Concerns regarding the integrity of the U.S. defense industrial base supply chain continue to grow. Similar to national cybersecurity risks, national security risks to the defense supply chain are asymmetric and can arise at...more
On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. The deviation relates to contractors’ compliance with...more
Semiconductor Supply Chain Update - FAR Council Released Advance Notice of Proposed Rulemaking - Suppliers of semiconductors to the government beware. The FAR Council released an Advance Notice of Proposed Rulemaking...more
WHAT: On January 11, 2024, the U.S. Department of Defense (DOD) published its National Defense Industrial Strategy (NDIS). In line with DOD’s continued emphasis on modernizing and strengthening the supply chain and...more
On September 1, 2023, the U.S. District Court for the Eastern District of Pennsylvania unsealed a qui tam False Claims Act (“FCA”) lawsuit (originally filed on October 5, 2022) alleging Penn State University failed to provide...more
In the hyper-connected era of smart manufacturing, accelerated by “Industry 4.0,” the manufacturing sector is undergoing a digital revolution. By leveraging technologies such as advanced automation, artificial intelligence,...more
GOVERNMENT CONTRACTS - Prohibition on Use or Delivery of Chinese Telecommunications and Video Surveillance Products and Services: The Potential Link Between Section 889 of the 2019 NDAA and Section 1260H of the 2021 NDAA,...more
For just shy of a decade, the Defense Industrial Base (DIB) has had to operate under rules dictating the safeguarding of Controlled Unclassified Information, along with a strict 72-hour notification requirement if/when/should...more
CMMC 2.0 – Simplification and Flexibility of DoD Cybersecurity Requirements - Evolving and increasing threats to U.S. defense data and national security networks have necessitated changes and refinements to U.S. regulatory...more
On May 12, 2021, President Biden signed a sweeping Executive Order (EO) to protect federal government networks and software supply chains against increasing threats of attacks from malicious cyber actors, setting the stage...more
The Colonial Pipeline cyberattack prompted the issuance of a long-awaited executive order (EO) on improving U.S. cybersecurity. The EO mandates that, within six months, all federal agencies implement multi-factor...more
Recent weeks have brought news on multiple fronts regarding supply chain risks and actions in response thereto: Commerce ICTS Regulations to Go Into Effect; Chinese ICTS Companies, Products and Services in the...more
New rules and developments continue to proliferate as the U.S. government seeks to minimize supply chain threats and cybersecurity risks. For contract awards issued after August 13, 2020, prime contractors must conduct a...more
On January 30, 2020, the U.S. Department of Defense (“DoD”) released Version 1.0 of its Cybersecurity Maturity Model Certification (“CMMC”) framework (CMMC overview here; CMMC Version 1.0 and appendices here). By 2026, DoD...more
Earlier this month, it was reported that the National Security Agency (NSA) discovered a serious security flaw in Microsoft Windows 10 cryptographic functionality, CVE-2020-0601.That security flaw could render trust...more
The Department of Defense (DoD) is planning to release Volume 1.0 of the Cyber Maturity Model Certification (CMMC) framework, which will affect the award and continued performance of all DoD contracts. In response to the...more
The Department of Defense (DoD) Inspector General recently issued a report summarizing the findings of an audit into the protection of Controlled Unclassified Information (CUI) on contractor networks. Based on an in-depth...more
On November 18, 2013, the U.S. Department of Defense (DOD) published an interim rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) that will likely prove controversial through the inclusion of supply...more