News & Analysis as of July 30, 2025

Cybersecurity › Compliance › Federal Acquisition Regulations (FAR)

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

FAR 2.0 Part 39 in Arcade Mode—How Federal IT Acquisition Just Hit Reset

McCarter & English Blog: Government Contracts... on 7/21/2025

For those who grew up gripping a joystick and dodging alien fire in Defender, riding ostriches through floating platforms in Joust, or crossing a hectic freeway in Frogger, winning wasn’t about memorizing rules; it was about...more

Building the Cyber Fortress: New Cybersecurity Executive Order Targets Quantum, AI, and Supply Chain Security

McCarter & English Blog: Government Contracts... on 6/16/2025

On June 6, 2025, President Trump issued a new executive order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), signaling the construction...more

The Need for Speed: DoD’s “Software Fast Track” Targets Bureaucracy at Mach 2

McCarter & English Blog: Government Contracts... on 6/13/2025

The Department of Defense (DoD) is revving its engines again—this time to rocket past its own software acquisition drag. Launched via an April 24 memo from Acting DoD CIO Katie Arrington, the DoD’s Software Fast Track (SWFT)...more

Managing Litigation Risk During the Business Lifecycle, Part 4: M&A Transactions with Government Contractors

PilieroMazza PLLC on 6/11/2025

Transactions that involve government contracts carry a unique set of challenges. Unlike a typical merger or acquisition, deals involving government contracts require the navigation of a complex web of federal laws,...more

How to Become a U.S. Government Contractor: A Legal Guide to the Basics

Bradley Arant Boult Cummings LLP on 5/8/2025

For many businesses, contracting with the U.S. government represents a significant opportunity for stable and often long-term revenue. However, doing business with the federal government comes with unique requirements,...more

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on 4/28/2025

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

The Proposed Rule to Amend FAR Guidance on Safeguarding CUI – Care to Comment?

Husch Blackwell LLP on 2/24/2025

The FAR Council issued a proposed rule that would amend the several FAR provisions and add new clauses to provide guidance on the safe handling of CUI. Public comments on the proposed rule are being accepted until March 17,...more

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on 2/21/2025

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

Analyzing President Biden's Ambitious Cybersecurity Executive Order

Davis Wright Tremaine LLP on 2/5/2025

In his final days in office, President Biden signed an ambitious executive order to improve the federal government's approach to cybersecurity. Executive Order 14114 ("Executive Order"), issued January 16, 2025, titled...more

At Long Last – The FAR CUI Rule is Here!

Sheppard Mullin Richter & Hampton LLP on 1/30/2025

The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more

Client Alert: FAR Council Issues Long-Awaited Proposed Rule to Implement Controlled Unclassified Information Program

Jenner & Block on 1/22/2025

On January 15, 2025, the Department of Defense (DOD), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) (collectively, “the FAR Council”) issued a long-anticipated proposed...more

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on 1/21/2025

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on 1/17/2025

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on 1/8/2025

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

The DoD’s CMMC Rule Is Out: What Comes Next?

BakerHostetler on 11/15/2024

On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more

DoD Announces Cybersecurity Maturity Model Certification 2.0 Final Rule (Finally!)

Bass, Berry & Sims PLC on 11/12/2024

After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more

Summary of Changes from DoD CMMC Proposed Rule to Final Rule

Alston & Bird on 10/30/2024

The CMMC program is designed to ensure that federal contract information (“FCI”) and Controlled Unclassified Information (“CUI”) are sufficiently protected by government contractors. For example, the CMMC program requires...more

DOJ Continues Crackdown on Cybersecurity Compliance with $1.25M FCA Settlement

Wiley Rein LLP on 10/29/2024

The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more

DOJ Went Down to Georgia: Lessons Learned from Recent Cybersecurity Enforcement Actions

McCarter & English Blog: Government Contracts... on 9/5/2024

Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more

Policy Patches: An Update on Software Security Regulation

Wiley Rein LLP on 8/15/2024

So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more

A Cautionary AI Tale for Federal Contractors

Clark Hill PLC on 6/14/2024

Much has been and will be written on responsibility determinations and compliance programs in federal contracting, particularly at the intersection of cybersecurity and recent developments. Although a federal contract is not...more

Federal Contractors Face Stricter Regulation Over Cyber Incident Response Reporting

Epiq on 2/28/2024

Last October, the Federal Acquisition Regulation (FAR) Council proposed two new rules, one of which that will influence cyber incident response practices. The scope is limited as it only applies to federal government...more

Defense Department Looks to Update DFARS Cybersecurity Compliance Requirements

Oberheiden P.C. on 2/23/2024

Over the holidays, the U.S. Department of Defense (DoD) issued proposed rules for updating its Cybersecurity Maturity Model Certification (CMMC) program from its existing Defense Acquisition Regulatory Supplement (DFARS)...more

True Facts About False Claims: MoFo's FCA Newsletter - December 2024

Morrison & Foerster LLP on 1/4/2024

Designed for busy in-house counsel and compliance professionals, this newsletter seeks to bring you up to speed on key federal and state False Claims Act (FCA) developments, with links to primary resources. Each quarter, we...more

Incident Reporting: The Newly Proposed Cybersecurity Requirements

Clark Hill PLC on 11/14/2023

Last month the Federal Acquisition Regulatory (FAR) Council announced a major proposal regarding cybersecurity incident reporting and information. Comments currently are now due by February 2, 2024....more

33 Results

/

View per page

Page: of 2

Next »