News & Analysis as of

Compliance National Institute of Standards and Technology Department of Defense (DOD)

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
McCarter & English Blog: Government Contracts...

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Foley & Lardner LLP

Latest FCA Cybersecurity Settlement Shows Enforcement Remains a Priority Under Trump Administration

Foley & Lardner LLP on

A recent United States Department of Justice (DOJ) announcement reinforces that enforcement of cybersecurity requirements under the False Claims Act (FCA) remains an ongoing risk. According to the press release, defense...more

Cozen O'Connor

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Clark Hill PLC

It’s a New Year and a Good Time for a Cybersecurity Checkup

Clark Hill PLC on

2024 was another active year in cybersecurity, with high-profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include pervasive ransomware attacks targeting the healthcare,...more

McCarter & English Blog: Government Contracts...

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

Health Care Compliance Association (HCCA)

Penn State, GA Tech Cybersecurity Cases Join 10 Others FCA Attorney Has Under Seal

Health Care Compliance Association (HCCA) on

Note to research compliance officials still digesting news of Pennsylvania State’s recent $1.25 million settlement over False Claims Act (FCA) allegations related to cybersecurity and the government’s recent intervention in a...more

Vinson & Elkins LLP

DoD Releases Final CMMC Program Rule, Formally Initiating Its Cybersecurity Program

Vinson & Elkins LLP on

On October 15, 2024, the Department of Defense (“DoD”) released its final rule (the “Final Rule”) formally establishing the Cybersecurity Maturity Model Certification (“CMMC”) program, nearly three years after first...more

BakerHostetler

The DoD’s CMMC Rule Is Out: What Comes Next?

BakerHostetler on

On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more

Bass, Berry & Sims PLC

DoD Announces Cybersecurity Maturity Model Certification 2.0 Final Rule (Finally!)

Bass, Berry & Sims PLC on

After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more

Pillsbury Winthrop Shaw Pittman LLP

The Department of Defense Issues Final Rule Establishing CMMC 2.0

Pillsbury Winthrop Shaw Pittman LLP on

Less than 10 months after the issuance of its proposed rule, DoD has issued this final rule establishing the CMMC program. DoD’s issuance of the final rule demonstrates the government’s continued commitment to...more

Holland & Knight LLP

15 Key Takeaways from the Final CMMC Program Rule Issued by DOD

Holland & Knight LLP on

The U.S. Department of Defense (DOD) has long questioned whether contractors and their supply chains have been fully compliant with existing cybersecurity requirements aimed at protecting Controlled Unclassified Information...more

BakerHostetler

(Cyber)Security Theater 101 - Georgia Tech, a Teachable Moment

BakerHostetler on

On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more

American Conference Institute (ACI)

CMMC 2.0 and FOCI Assessments: Preparing for What Lies Ahead

American Conference Institute (ACI) on

Defense contractors and subcontractors that handle Controlled Unclassified Information (CUI) and do not have robust information-security system controls in place better get their house in order now if they want to do business...more

Mayer Brown

US DoD Issues Class Deviation Delaying DFARS Implementation of Upcoming NIST SP 800-171, Revision 3

Mayer Brown on

On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. The deviation relates to contractors’ compliance with...more

Bass, Berry & Sims PLC

The United States Intervenes in its First False Claims Act Cybersecurity Case

Bass, Berry & Sims PLC on

The United States notified the U.S. District Court for the Northern District of Georgia that it plans to intervene in a False Claims Act case filed against Georgia Tech Research Corporation (Georgia Tech) by its Associate...more

Oberheiden P.C.

Defense Department Looks to Update DFARS Cybersecurity Compliance Requirements

Oberheiden P.C. on

Over the holidays, the U.S. Department of Defense (DoD) issued proposed rules for updating its Cybersecurity Maturity Model Certification (CMMC) program from its existing Defense Acquisition Regulatory Supplement (DFARS)...more

Holland & Knight LLP

Department of Defense Releases Long-Awaited CMMC Proposed Rule

Holland & Knight LLP on

Two years after announcing the second iteration of the U.S. Department of Defense's (DoD) Cybersecurity Maturity Model Certification (CMMC) program, the DoD released its proposed rule that, if adopted, will implement the...more

Society of Corporate Compliance and Ethics...

[Webinar] What’s all the fuss about CMMC? - November 29th, 12:00 pm - 1:30 pm CT

Society of Corporate Compliance and Ethics... on

Learning Objectives - What is CMMC and should I care? - Cybersecurity is crucial for compliance in any company - Is NIST 800-171 (The CMMC Framework) worth employing? - Thoughts and observations from the field...more

Pietragallo Gordon Alfano Bosick & Raspanti,...

Contractors Beware – Cybersecurity Litigation on the Rise Under the False Claims Act

Pietragallo Gordon Alfano Bosick & Raspanti,... on

Takeaway: The DOJ’s Cyber Fraud Initiative and qui tam actions under the False Claims Act represent signification enforcement mechanisms for cybersecurity contractor compliance. On the eve of 2022, the United States began...more

Holland & Knight LLP

U.S. Department of Defense Tightens Screws on Cybersecurity Compliance

Holland & Knight LLP on

The U.S. Department of Defense (DoD) recently released a memorandum signaling its increasing willingness to review contractor compliance with cybersecurity standards in its contracts and take action against noncompliant...more

Pillsbury Winthrop Shaw Pittman LLP

DoD Increases Focus on Cybersecurity Compliance

Pillsbury Winthrop Shaw Pittman LLP on

A recent DoD memorandum should serve as a warning to contractors that they need to focus on cybersecurity compliance now or risk serious consequences. A recent DoD memorandum should serve as a warning to contractors that...more

McDermott Will & Emery

Shields Up: DoD Reminds Contracting Officers that DFARS Cyber Clauses Have Consequences

McDermott Will & Emery on

On June 16, 2022, the US Department of Defense (DoD) issued a memorandum (DoD Memo) “reminding” contracting officers that noncompliance with the Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012,...more

Miles & Stockbridge P.C.

CMMC 2.0: DoD Scales Back Certification and Streamlines Cybersecurity Requirements for Defense Contractors

Miles & Stockbridge P.C. on

On November 4, 2021, the U.S. Department of Defense (DoD) Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) announced Version 2.0 of the highly publicized Cybersecurity Maturity Model...more

Sheppard Mullin Richter & Hampton LLP

Updates Announced to Department of Defense Cybersecurity Certification Program

Sheppard Mullin Richter & Hampton LLP on

The Department of Defense (DOD) recently announced several changes to its Cybersecurity Maturity Model Certification program. The program applies to those who serve as contractors and suppliers to the DOD. As described in our...more

NAVEX

CMMC Is Coming: How Government Contractors Can Prepare

NAVEX on

People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more

30 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide