Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Intellectual Property In Department of Defense Contracting
Additional Compensation from the Government: A Brief Comparison of REAs and Claims
Webinar: Trademarks and Government Contracting
Buy American: What Government Contractors Need to Know
Federal Contracting Overseas: Insider Tips for Ensuring Compliance with Host Country Laws
Navigating the FAR/DFARS: The Most Confusing and Little Known Clauses
Government Contracts Cyber Café: 2019 Wrap Up and Privacy, CMMC, and GRC in 2020
The Government Contracts Cyber Café: Recent Developments Update
Government Contracts Cyber Café Series: An Inside Look at DFARS Compliance Data
Government Contracts Cyber Café - Crisis Management: Beyond Compliance
Federal Cybersecurity Requirements
On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more
The Federal Acquisition Regulation (FAR) Council issued its long awaited proposed rule on Controlled Unclassified Information (CUI) on January 15, 2025. The proposed rule establishes a common form to be used by all federal...more
To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more
On October 10, 2024, the U.S. Department of Defense (DOD) issued a final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to establish a pilot program allowing for sole source follow-on contract...more
WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more
On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more
On December 21, 2023, the Department of Defense (DoD) issued a memorandum (Memo) providing guidance and clarification on the security and cyber incident management requirements applicable for the use of external Cloud Service...more
The Department of Defense (DoD) issued a final rule on July 9, 2021, requiring contractors to report annually their total labor hours and invoiced amounts for certain service contracts. Requirement applies to contracts...more
The Colonial Pipeline cyberattack prompted the issuance of a long-awaited executive order (EO) on improving U.S. cybersecurity. The EO mandates that, within six months, all federal agencies implement multi-factor...more
The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to their current cybersecurity practices. Additionally, the...more
A new Federal Acquisition Regulation (FAR), "Reporting of Nonconforming Items to the Government Industry Data Exchange Program," will become effective on December 23, 2019. The new FAR provision (FAR 46.317) and clause (FAR...more
In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant...more
The Department of Defense’s cybersecurity requirements for Covered Defense Information became effective on Dec. 31, 2017. See DFARS 52.204-7012. There is no corresponding FAR cybersecurity rule, leaving the civilian agencies...more
The DoD clarifies its expectation for full compliance to protect Controlled Unclassified Information (CUI) residing on Contractor Systems from cyber incidents. A defense contractor’s updated and current System Security...more
Significant Changes to Online Copyright (DMCA) Safe Harbor and DoD Contractor Cybersecurity (NIST 800-171) Requirements Take Effect at the End of This Year. Important Change Affecting Digital Millennium Copyright Act...more
The window for Department of Defense (DoD) contractors to bring themselves into compliance with cybersecurity requirements is closing. Specifically, changes to the Defense Federal Acquisition Regulation Supplement (DFARS)...more
For businesses that work with the U.S. Department of Defense (“DoD”), two important rules for safeguarding certain categories of sensitive information and reporting cyber incidents were recently finalized, updating the...more
On October 21, 2016, the Department of Defense (“DoD”) issued a final rule (the “final rule”) codifying the specific actions DoD contractors and subcontractors must take to adequately safeguard “covered defense information”...more
On October 21, 2016, the Department of Defense (DoD) issued a final rule following-up on the interim rules it had issued on August 26 and December 30, 2015, regarding safeguarding contractor networks and purchasing cloud...more
GOVERNMENT CONTRACTS - Amendments to Department of Defense (“DOD”) Mentor-Protégé Program DOD has issued a proposed rule which will amend the DFARS to implement Section 861 of the NDAA 2016, which provides amendments...more
On May 16, 2016, the Federal Acquisition Regulations (“FAR”) Council published the final FAR rule on Basic Safeguarding of Contractor Information Systems. The rule is intended to prescribe “the most basic level” of...more
Action Item: Through a new version of its Cyber Security Clause, the Department of Defense (“DOD”) is directing defense contractors to extend their cyber defense and reporting requirements beyond their recognizable supply...more
The Department of Defense (DoD) issued an interim cybersecurity rule in August 2015 that, among other things, revises the existing Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity clause and increases...more
The U.S. Department of Defense (DOD) recently published an interim rule amending the Defense Federal Acquisition Regulation Supplement (DFARS).1 The interim rule, effective August 26, 2015, focuses on two issues. First, the...more