Protecting Our Nation’s Data: Cybersecurity Compliance for Government Contractors
Intellectual Property In Department of Defense Contracting
Additional Compensation from the Government: A Brief Comparison of REAs and Claims
Webinar: Trademarks and Government Contracting
Buy American: What Government Contractors Need to Know
Federal Contracting Overseas: Insider Tips for Ensuring Compliance with Host Country Laws
Navigating the FAR/DFARS: The Most Confusing and Little Known Clauses
Government Contracts Cyber Café: 2019 Wrap Up and Privacy, CMMC, and GRC in 2020
The Government Contracts Cyber Café: Recent Developments Update
Government Contracts Cyber Café Series: An Inside Look at DFARS Compliance Data
Government Contracts Cyber Café - Crisis Management: Beyond Compliance
Federal Cybersecurity Requirements
In our August 1 post, we discussed how companies that acquire government contractors can inherit the False Claims Act (“FCA”) exposure based on their targets’ cybersecurity violations. Now, the Department of Justice (“DOJ”)...more
On July 31, 2025, the U.S. Department of Justice (“DOJ”) announced a $1.75 million False Claims Act (“FCA”) settlement with Aero Turbine Inc. (“Aero Turbine”), a California-based defense contractor, and private equity firm...more
On May 1, 2025, the U.S. Department of Justice announced an $8.4 million settlement agreement with several defense contract companies (“companies”) resolving alleged violations of the False Claims Act. The settlement...more
Amid ongoing policy shifts in Washington, the federal government’s interest in pursuing civil cyber-fraud cases appears to be here to stay. In October 2021, the Department of Justice (DOJ) initiated its Civil Cyber-Fraud...more
Last year we made some predictions about 2024’s cyber landscape and major issues. Several proved prescient, with incident reporting, CISO scrutiny, SEC aggression, and new regulation of various sectors taking shape as the...more
The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more
With another government fiscal year in the books, contractors may be anticipating the next season of bid protests. The Federal Circuit’s recent decision in Oak Grove Technologies v. United States offers a timely set of...more
This article is part of a monthly column that provides takeaways from recent bid protest cases. In this installment, we highlight decisions from the U.S. Court of Appeals for the Federal Circuit, the U.S. Government...more
WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more
The Department of Defense (DoD) delivered its proposed Cybersecurity Maturity Model Certification Program rule (CMMC) the day after Christmas this year, including several related guidance documents (listed here). The proposed...more
The Federal Acquisition Regulation (FAR) Council has proposed two new cybersecurity rules that would impose significant obligations and risks for federal government contractors. The proposed rules impose substantial cyber...more
The FY2023 James M. Inhofe National Defense Authorization Act (FY2023 NDAA) included several important provisions for government contractors. We described several of those important FY2023 NDAA provisions in a presentation...more
On June 16, 2022, the US Department of Defense (DoD) issued a memorandum (DoD Memo) “reminding” contracting officers that noncompliance with the Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012,...more
WHAT: On November 4, 2021, the U.S. Department of Defense (DOD) announced the completion of a months-long internal review and significant changes to the strategic direction of its Cybersecurity Maturity Model Certification...more
The Department of Justice recently announced a new initiative that aims to hold government contractors accountable when they fail to meet required cybersecurity standards. In announcing the “Civil Cyber-Fraud Initiative” in...more
Earlier this week, the U.S. Department of Justice (DOJ) announced the launch of its new Civil Cyber-Fraud Initiative — an effort designed to harness the department's knowledge in civil fraud enforcement, government...more
The Department of Justice announced a new Civil Cyber-Fraud Initiative on October 6 – the latest move in a series of federal efforts to address the recent uptick in major cyberattacks. DOJ’s Initiative aims to hold...more
New Department of Defense (DoD) regulations related to government contractor Cybersecurity requirements become effective November 30, 2020. The progressive steps to mandatory contractor Cybersecurity Maturity Model...more
For over a year, we have been discussing the Department of Defense’s (DoD) eventual implementation of a Cybersecurity Maturity Model Certification (CMMC) program for Defense contractors, most recently during a webinar in...more
A long time ago in a galaxy far, far away, the Department of Defense (“DOD”) and industry came together after more than seven years of discussions and created a rational, logical, and fair constellation of regulations and...more
Attorneys Eric Crusius, Amy Fuentes, Kelsey Hayes and Vijaya Surampudi co-authored an article describing the major issues they expect government contracting professionals to face in the coming year. For example, the...more
A new Federal Acquisition Regulation (FAR), "Reporting of Nonconforming Items to the Government Industry Data Exchange Program," will become effective on December 23, 2019. The new FAR provision (FAR 46.317) and clause (FAR...more
On November 7, 2019, DOD issued “Draft Version 0.6” of its Cybersecurity Maturity Model Certification (CMMC) – a 90-page document that is available on DOD’s CMMC website. Version 0.6 is a significant step forward, but there...more
The Situation: The United States government has been ramping up its efforts to protect sensitive data and is making clear it expects its contractors to protect data they receive and create. According to a recent Inspector...more
Two recent cases now prove that to avoid liability under the False Claims Act (FCA), government contractors must build and monitor information systems to protect government information and must also implement policies and...more