The Department of Defense (DOD) has finally promulgated its Final Rule (Rule) implementing the Cybersecurity Maturity Model Certification (CMMC) program, which goes ‘live’ on December 16th. There is plenty of content...more
The Cybersecurity Maturity Model Certification (CMMC) Program has been a headache for many defense contractors since the idea was first introduced in 2019. The program seeks to protect unclassified information, including...more
8/16/2024
/ Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST
7(a) Loan Approval for Borrowers with Unresolved COVID-19 Pandemic Loan Compliance Issues: On May 21, SBA’s OIG issued an inspection report assessing SBA’s 7(a) loan approval process for borrowers with unresolved pandemic...more
The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more
5/29/2024
/ Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Contractors ,
Hackers ,
Popular ,
Reporting Requirements
FTC Non-Compete Ban Attacked by Businesses: What You Need to Know about the Ban -
On April 23, 2024, the Federal Trade Commission (FTC) announced a final rule banning employers from enforcing non-compete agreements against...more
In March 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released the final version of its secure software development self-attestation common form (Form), requiring federal government contractors who...more
In an era where digital threats are ever-evolving, ensuring the security of sensitive government data is paramount, especially for government contractors working on defense contracts. Join PilieroMazza’s Cy Alba and Daniel...more
1/23/2024
/ Biden Administration ,
Cyber Incident Reporting ,
Cybersecurity ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Executive Orders ,
False Claims Act (FCA) ,
Federal Contractors ,
New Rules
In an era where digital threats are ever-evolving, ensuring the security of sensitive government data is paramount, especially for government contractors working on defense contracts. Join PilieroMazza’s Cy Alba and Daniel...more
11/22/2023
/ Classified Information ,
Contract Termination ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Defense Contracts ,
False Claims Act (FCA) ,
Federal Contractors ,
Goods or Services ,
Incident Response Plans ,
New Rules ,
Webinars
Substantive cybersecurity amendments to the Federal Acquisition Regulation (FAR) are underway, significantly altering the duties and obligations of federal government contractors both prior to award and during contract...more
11/20/2023
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
SBA ,
Small Business
Protecting Our Nation’s Data, Part 2: Implementing Cyber Threat Incident Reporting and Information Sharing -
In October 2023, the federal government released a Proposed Rule aimed at incorporating new cybersecurity...more
In October 2023, the federal government released a Proposed Rule aimed at incorporating new cybersecurity reporting requirements into the Federal Acquisition Regulation (FAR). In this second installment of PilieroMazza’s...more
11/8/2023
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
SBA ,
Small Business ,
Subcontractors
New standardized cybersecurity compliance requirements are inbound. In early October 2023, the Federal Acquisition Regulation (FAR) Council issued a proposed rule (Proposed Rule) to standardize cybersecurity requirements...more
BID PROTESTS -
GAO Sustains Protests of CIO-SP4 Procurement -
On June 29, 2023, the Government Accountability Office (GAO) sustained protesters’ challenge of the Department of Health and Human Services (HHS), National...more
The Department of Homeland Security (DHS) recently released a final rule (Final Rule), effective July 21, 2023, updating the Homeland Security Acquisition Regulation (HSAR) to include cybersecurity provisions aimed at...more
Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity...more
The federal government recently issued an interim rule, effective immediately, prohibiting the presence or use of the TikTok application in the performance of a contract. This rule continues the government’s actions against...more
The Federal Acquisition Regulatory Council (FAR Council) announced it was preparing a proposed rule to standardize cybersecurity requirements for unclassified Federal Information Systems across federal agencies in accordance...more
Effective March 22, 2023, the Department of Defense (DOD) issued a final rule (Final Rule) amending the Defense Federal Acquisition Regulation Supplement (DFARS) requiring Contracting Officers (COs) to use Supplier...more
As contemplated by PilieroMazza’s recent blog, the Cybersecurity and Infrastructure Security Agency (CISA) released a notice and request for comments on a new requirement for software producers to provide self-attestations...more
Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity...more
3/27/2023
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
Federal Contractors ,
Flow Down Clause ,
Incident Response Plans ,
Prime Contractor ,
Subcontractors ,
Webinars
GOVERNMENT CONTRACTS -
Veterans Affairs Imposes Increased Cybersecurity Rules on Government Contractors -
The U.S. Department of Veterans Affairs (VA) released a final rule, effective February 24, 2023, amending the...more
3/2/2023
/ Cybersecurity ,
Department of Defense (DOD) ,
Department of Labor (DOL) ,
Department of Veterans Affairs ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
General Services Administration (GSA) ,
NASA ,
Non-Compete Agreements ,
SBA ,
Subcontractors
The U.S. Department of Veterans Affairs (VA) released a final rule, effective February 24, 2023, amending the VA’s Acquisition Regulation (VAAR) to impose new cybersecurity procedures and processes to protect sensitive VA...more
Almost two years ago, Executive Order 14028 – Improving the Nation’s Cybersecurity (EO) was issued requiring a host of actions be taken by the Federal Acquisition Regulation (FAR) Council, the National Institute of Standards...more
On October 5, 2022, the Department of Defense (DOD), in compliance with Section 889 of the National Defense Authorization Act for Fiscal Year 2019, released an updated list (Blacklist) of banned People’s Republic of China...more
10/12/2022
/ Blacklist ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Defense (DOD) ,
Drones ,
False Claims Act (FCA) ,
Federal Contractors ,
National Security ,
Popular ,
Subcontractors
On September 22, the Senate passed the Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) Extension Act of 2022. As it heads to the House of Representatives, government contractors in...more