The Rise of OTAs in Defense Contracting: Opportunities, Risks, and What Contractors Need to Know
Podcast - Navigating the Updated SF-328 Form
Podcast - A Comparative Guide to Obtaining an FCL: DCSA vs. the Intelligence Community
Diversifying Your Contract Pipeline by Maximizing Opportunities through the DOD’s Mentor Protégé Program
A Comprehensive Overview of FOCI Mitigation
Podcast - Defense Dynamics: Navigating the Post-Election Landscape for the National Security Sector, Part 2
Mitigating FOCI Under Section 847
Episode 345 -- Raytheon Pays $950 Million to Resolve Fraud, FCPA, ITAR and False Claims Act Violations
Everyone Come to Play: Exploring FOCI Mitigation Instruments
Defense Dynamics: Navigating the Post-Election Landscape for the National Security Sector
Podcast - Navigating M&A Due Diligence: Safeguarding Security Clearances
Podcast - Change Condition Packages: Tips for Cleared Contractors
Podcast - Corporate Documents in the Context of Clearances
Navigating Personnel Security Clearances (PCLs)
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
What Is an FCL and How Do I Obtain One?
Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Intellectual Property In Department of Defense Contracting
The When, Where, Why and How of CMMC with Fernando Machado
This past month, the Department of Defense sent the final rule for the new Cybersecurity Maturity Model Certification (CMMC) program under the Federal Acquisition Regulation to the Office of Information and Regulatory Affairs...more
The United States Department of Justice (DOJ) recently settled a qui tam suit with defense contractor Raytheon and its successor company, Nightwing Intelligence Solutions, LLC (Nightwing), totaling $8.4 million. The...more
Government contractors regularly handle sensitive federal data, and cybersecurity compliance is no longer optional—it’s mandatory. A recent settlement between the Department of Justice (DOJ) and defense contractor Raytheon...more
On May 1, 2025, the U.S. Department of Justice (DOJ) announced a settlement under the False Claims Act (FCA) involving defense contractors Raytheon Company (Raytheon), RTX Corporation (RTX), and Nightwing Group—the successor...more
Government efforts to enforce cybersecurity control requirements have moved forward in the opening months of the Trump administration. Regardless of the changes coming to other areas of contracting and the Federal Acquisition...more
On March 26, 2025, the United States Department of Justice (DOJ) announced that it had reached an agreement with MORSECORP Inc. (MORSE) to settle alleged violations of the False Claims Act (FCA), specifically regarding...more
The Department of Justice (DOJ) recently reached a $4.6 million civil False Claims Act (FCA) settlement with MORSECORP, Inc. (MORSE) arising out of allegations that the company failed to comply with Department of Defense...more
On March 26, 2025, the Department of Justice (DOJ) entered into a settlement agreement with MORSECORP, Inc. (MORSE), resolving False Claims Act (FCA) allegations that MORSE submitted false claims for payment under Department...more
A recent United States Department of Justice (DOJ) announcement reinforces that enforcement of cybersecurity requirements under the False Claims Act (FCA) remains an ongoing risk. According to the press release, defense...more
Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more
Note to research compliance officials still digesting news of Pennsylvania State’s recent $1.25 million settlement over False Claims Act (FCA) allegations related to cybersecurity and the government’s recent intervention in a...more
On December 16, the U.S. Department of Defense’s Cybersecurity Maturity Model Certification Program (CMMC) final rule (the “CMMC Program Rule”) will become effective, to codify the CMMC requirements and assessment processes....more
On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more
In August, the United States filed a Complaint-in-Intervention in a False Claims Act (FCA) whistleblower suit alleging that the Georgia Institute of Technology (“Georgia Tech”) and an affiliate, Georgia Tech Research Corp....more
The Department of Defense (DoD) is currently reviewing and adjudicating the public comments received in response to its proposed regulations implementing its Cybersecurity Maturity Model Certification 2.0 program (CMMC)....more
On February 19, 2024, the Department of Justice (“DOJ”) notified the U.S. District Court for the Northern District of Georgia that it would intervene in a False Claims Act (“FCA”) case filed against Georgia Tech Research...more
The United States notified the U.S. District Court for the Northern District of Georgia that it plans to intervene in a False Claims Act case filed against Georgia Tech Research Corporation (Georgia Tech) by its Associate...more
Over the holidays, the U.S. Department of Defense (DoD) issued proposed rules for updating its Cybersecurity Maturity Model Certification (CMMC) program from its existing Defense Acquisition Regulatory Supplement (DFARS)...more
On December 26, 2023, the Department of Defense ("DoD") published a proposed rule to implement the Cybersecurity Maturity Model Certification ("CMMC") 2.0, which will establish comprehensive cybersecurity requirements for...more
The US Department of Defense (DoD) has issued a proposed rule to implement its long-awaited Cybersecurity Maturity Model Certification program (CMMC 2.0). This proposed rule — released on December 26, 2023, and published in...more
The proposed rule requires contractors to make annual affirmations regarding their cybersecurity maturity, thus increasing their risk of False Claims Act Liability. The proposed rule allows for limited use of Plans of...more
Two years after announcing the second iteration of the U.S. Department of Defense's (DoD) Cybersecurity Maturity Model Certification (CMMC) program, the DoD released its proposed rule that, if adopted, will implement the...more
On December 4, the Department of Defense Office of Inspector General (DoD OIG) issued a “special” Audit Report (the Report) that provides insight into common cybersecurity weaknesses related to the protection of Controlled...more
Small Business Administration (SBA) Press Release: SBA Announces Biden-Harris Administration’s Progress in Small Business Lending with End-of-Year Capital Program Numbers - On November 21, Small Business Administrator...more
In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more