The Rise of OTAs in Defense Contracting: Opportunities, Risks, and What Contractors Need to Know
Podcast - Navigating the Updated SF-328 Form
Podcast - A Comparative Guide to Obtaining an FCL: DCSA vs. the Intelligence Community
Diversifying Your Contract Pipeline by Maximizing Opportunities through the DOD’s Mentor Protégé Program
A Comprehensive Overview of FOCI Mitigation
Podcast - Defense Dynamics: Navigating the Post-Election Landscape for the National Security Sector, Part 2
Mitigating FOCI Under Section 847
Episode 345 -- Raytheon Pays $950 Million to Resolve Fraud, FCPA, ITAR and False Claims Act Violations
Everyone Come to Play: Exploring FOCI Mitigation Instruments
Defense Dynamics: Navigating the Post-Election Landscape for the National Security Sector
Podcast - Navigating M&A Due Diligence: Safeguarding Security Clearances
Podcast - Change Condition Packages: Tips for Cleared Contractors
Podcast - Corporate Documents in the Context of Clearances
Navigating Personnel Security Clearances (PCLs)
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
What Is an FCL and How Do I Obtain One?
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Intellectual Property In Department of Defense Contracting
The When, Where, Why and How of CMMC with Fernando Machado
Federal contractors, including defense contractors, should prepare for the emergence of new requirements in the coming months that are designed to strengthen software supply chain security, impose more stringent cybersecurity...more
The U.S. Department of Justice (DOJ) announced on February 18 that Health Net Federal Services, LLC and its corporate parent, Centene Corporation, agreed to pay $11,253,400 to resolve False Claims Act (FCA) claims. Health...more
2024 was another active year in cybersecurity, with high-profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include pervasive ransomware attacks targeting the healthcare,...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Penn State recently agreed to pay $1.25 million to settle allegations of False Claims Act violations related to its cybersecurity controls after a whistleblower alleged that the university failed to adhere to cybersecurity...more
The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more
Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more
Substantive cybersecurity amendments to the Federal Acquisition Regulation (FAR) are underway, significantly altering the duties and obligations of federal government contractors both prior to award and during contract...more
Two years after the Department of Justice (DOJ) established its Civil-Cyber Fraud Initiative, there has been a recent uptick in enforcement and regulatory activity related to cybersecurity. September opened with the unsealing...more
On June 21, 2023, the U.S. Department of Homeland Security (DHS) issued a final rule that revises the Homeland Security Acquisition Regulation (HSAR) to implement security and privacy measures for contractors to safeguard...more
Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity...more
Each month, Venable's Government Contracts Group publishes a summary of recent legal developments of interest to the government contractor community. ...more
Takeaway: The DOJ’s Cyber Fraud Initiative and qui tam actions under the False Claims Act represent signification enforcement mechanisms for cybersecurity contractor compliance. On the eve of 2022, the United States began...more
America’s data is under attack. Solar Winds and other recent headline-grabbing stories have demonstrated that foreign adversaries are eager to hack into computer systems for a wide range of purposes. The US Department of...more
A cyberattack over the weekend forced the shutdown of one of America’s largest pipelines for refined gas and jet fuel. Operator Colonial Pipeline revealed late Friday that it had “shut down its 5,500 miles of pipeline, which...more
The Biden Administration is imminently expected to release an executive order that will require government contractors to notify the government in the event of a cybersecurity breach. Despite the relatively steady rise in...more
The Legal Advisor is a newsletter distributed by the firm to our clients, friends and business contacts. The publication addresses current issues that are of concern to federal government contractors and commercial businesses...more
Although the Department of Defense (DOD) has long required its contractors to provide “adequate security” to protect “Covered Defense Information,” beginning on January 1 of this year, the Department specified that “adequate...more
The Department of Defense’s cybersecurity requirements for Covered Defense Information became effective on Dec. 31, 2017. See DFARS 52.204-7012. There is no corresponding FAR cybersecurity rule, leaving the civilian agencies...more
Government contractors are subject to cybersecurity requirements, found in the Federal Acquisition Regulation (FAR) and each agency’s supplement to the FAR, and some important deadlines are fast approaching. Set forth below...more
The Dec. 31, 2017 deadline for Department of Defense (DoD) contractors to comply with DoD’s cybersecurity and breach reporting requirements is looming. The requirements, which are set forth in DoD’s Oct. 21, 2016, final rule,...more
Etymology, particularly the Greek or Latin roots of words, aids our understanding in much the same way as root cause analysis does. The Greek word for disclosure is αποκάλυψη, transliterated to apokálypsi, or “apocalypse.”...more
The Department of Justice (DOJ) yesterday announced that it has charged a Maryland man, Harold Thomas Martin III with theft of government property and unauthorized removal and retention of classified materials by a government...more
In an interim final rule published on October 2, another layer has been added to the compliance landscape for defense contractors. In addition to complying with breach notification requirements in as many as 47 different...more
Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more