To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more
1/8/2025
/ Artificial Intelligence ,
Compliance ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Protection ,
Department of Defense (DOD) ,
DFARS ,
Enforcement ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
FedRAMP ,
National Security ,
Reporting Requirements ,
Risk Management ,
Software
Well, the wait is over. Just as 2023 came to a close, on December 26, 2023, the Department of Defense (“DoD”) published the much-anticipated Proposed Rule for the DoD’s Cybersecurity Maturity Model Certification (“CMMC”)...more
1/3/2024
/ Certification Requirements ,
Comment Period ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
DCMA ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Proposed Rules
A few weeks ago, we discussed two recent cyber-related False Claims Act (FCA) cases. One of those cases is a qui tam lawsuit against Penn State and, as of the date of our article, we were waiting to see if DOJ would opt to...more
In recent weeks, there has been an uptick in news of cyber-related False Claims Act (“FCA”) activity. For example, on September 1, 2023, the court unsealed a qui tam lawsuit against Penn State University relating to...more
9/12/2023
/ Compliance ,
Compliance Monitoring ,
Controlled Defense Information (CDI) ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
DFARS ,
Enforcement ,
False Claims Act (FCA) ,
Federal Contractors ,
Internal Investigations ,
Policies and Procedures ,
Popular ,
Qui Tam ,
Universities ,
Whistleblowers
Anyone who has been closely following the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program knows the effort has experienced a fair number of complications and delays...more
Just when you didn’t think things could get any weirder, on Friday, January 21, 2022, the U.S. District Court for the Southern District of Georgia issued a ruling clarifying its prior EO 14042 injunction (currently on appeal...more
1/26/2022
/ Centers for Medicare & Medicaid Services (CMS) ,
Coronavirus/COVID-19 ,
DFARS ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Georgia ,
Injunctions ,
Masks ,
OSHA ,
Social Distancing ,
Vaccinations
On May 12, 2021, the Biden Administration issued its much anticipated “Executive Order on Improving the Nation’s Cybersecurity.” Below are provisions we believe will be of most interest to contractors, as well as any company...more
5/19/2021
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
DFARS ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Information Technology ,
Internet of Things ,
NIST ,
OMB ,
Popular ,
Software ,
Supply Chain ,
Technology
The Department of Defense (DoD) recently published an interim rule that sets forth its Cybersecurity Maturity Model Certification (CMMC) program plan, as well as new requirements for a “NIST SP 800-171 DoD Assessment...more
At long last, the Department of Defense (“DoD”) has provided its interim rule, published in the Federal Register on September 29, 2020, amending the Defense Federal Acquisition Regulation Supplement (“DFARS”) to set forth...more
A lot has happened since the Department of Defense (“DOD”) released its Cybersecurity Maturity Model Certification (CMMC) v. 1.0 back in February (see our prior discussion here). In addition to developments with the CMMC...more