Podcast - Navigating the Updated SF-328 Form
Podcast - A Comparative Guide to Obtaining an FCL: DCSA vs. the Intelligence Community
Diversifying Your Contract Pipeline by Maximizing Opportunities through the DOD’s Mentor Protégé Program
A Comprehensive Overview of FOCI Mitigation
Podcast - Defense Dynamics: Navigating the Post-Election Landscape for the National Security Sector, Part 2
Mitigating FOCI Under Section 847
Episode 345 -- Raytheon Pays $950 Million to Resolve Fraud, FCPA, ITAR and False Claims Act Violations
Everyone Come to Play: Exploring FOCI Mitigation Instruments
Defense Dynamics: Navigating the Post-Election Landscape for the National Security Sector
Podcast - Navigating M&A Due Diligence: Safeguarding Security Clearances
Podcast - Change Condition Packages: Tips for Cleared Contractors
Podcast - Corporate Documents in the Context of Clearances
Navigating Personnel Security Clearances (PCLs)
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
What Is an FCL and How Do I Obtain One?
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Intellectual Property In Department of Defense Contracting
The When, Where, Why and How of CMMC with Fernando Machado
Podcast - The State of Contractor Cybersecurity with Katie Arrington
Earlier this year, the Department of Defense (DoD) published an “Intellectual Property Guidebook for DoD Acquisition.” It is the culmination of many years of work and the most insightful data rights guidance out of the...more
Government contractors should be on high alert following the recent announcement that Raytheon Company, its parent RTX Corporation, and Nightwing Group, LLC, have agreed to pay $8.4 million to resolve allegations of violating...more
Although the change in administrations has heralded shifting enforcement priorities at the U.S. Department of Justice (DOJ), cybersecurity enforcement under the False Claims Act (FCA) appears to be alive and well. That is the...more
On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more
2024 was another active year in cybersecurity, with high-profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include pervasive ransomware attacks targeting the healthcare,...more
As of January 17, 2025, the Department of Defense’s data rights regulations and contract clauses look a little different, yet substantively very little has changed. The update is to formally incorporate changes the Small...more
On December 23, 2024, President Biden signed the Source Code Harmonization and Reuse in Information Technology Act (“SHARE IT Act” or “the Act”), which provides a formal mechanism for federal agencies to store and share...more
Note to research compliance officials still digesting news of Pennsylvania State’s recent $1.25 million settlement over False Claims Act (FCA) allegations related to cybersecurity and the government’s recent intervention in a...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more
Cybersecurity requirements for federal contractors and grantees continue to proliferate—and those requirements do not just come with contractual risk. Increasingly, the United States government is leveraging enforcement...more
The United States notified the U.S. District Court for the Northern District of Georgia that it plans to intervene in a False Claims Act case filed against Georgia Tech Research Corporation (Georgia Tech) by its Associate...more
Learning Objectives - What is CMMC and should I care? - Cybersecurity is crucial for compliance in any company - Is NIST 800-171 (The CMMC Framework) worth employing? - Thoughts and observations from the field...more
On June 16, 2022, the US Department of Defense (DoD) issued a memorandum (DoD Memo) “reminding” contracting officers that noncompliance with the Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012,...more
At the heels of a recent Civil Cyber-Fraud Initiative related to cybersecurity practices and the False Claims Act (FCA), a cybersecurity-related FCA case has survived a motion for summary judgment, teeing up a trial to...more
The Department of Defense (DOD) recently announced several changes to its Cybersecurity Maturity Model Certification program. The program applies to those who serve as contractors and suppliers to the DOD. As described in our...more
People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more
For a whole decade, ACI’s U.S. Export & Reexport Compliance for Canadian Operations conference continues to stand apart as the only practical, comprehensive event of its kind for the export compliance community in Canada. ...more
Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more