False Claims Act Insights - Can DE&I Initiatives Lead to Potential False Claims Act Liability?
Navigating Executive Orders: Strategies for Managing Stop Work Orders and Terminations
SBA’s Final Rule Is Here: Key Takeaways on Updates to HUBZone Program, Other Small Business Programs, and Various Small Business Matters
Work This Way: A Labor & Employment Law Podcast - Episode 28: Construction Compliance with Joan Moore and Mim Munzel of The Arbor Consulting Group
DE Under 3: FAR Council Seeks to Require Federal Contractors to Report First-Tier Subcontractor Information, Including Potentially Executive Compensation Data
DE Under 3: Contractors Have Second Opportunity to Comment on OFCCP’s Supply & Service Contractor Portal Information Collection
Preparing for Major Changes to DOT’s Disadvantaged Business Enterprise DBE Program
Excitement, Turbulence & Confusion: The Top 10 Employment Law Issues That Affected Federal Contractors in 2023
Successor Government Contractor Hiring Obligations Change: DOL’s Long Awaited Nondisplacement Rule
DE Under 3: What Federal Contractors Need to Know About OFCCP's New Audit Scheduling Letter
[Podcast] TikTok off the Clock: Navigating the TikTok Ban on Devices for Government Contractors
Partnering to Win: Teaming, Subcontracting, Joint Ventures, and Mentor Protégé Agreements
Construction Roundtable: Top 4 Legal Risks for Federal Construction Contractors
DE Under 3: OFCCP's Modified Proposal to Revise Scheduling Letter & Itemized Listing Revealed Via Newly Proposed Documents
Flow-Down Clauses in Federal Government Contracts - Tutorial 1 (Fundamentals)
Joint Venture Basics for Large and Small Contractors
Webinar: Trademarks and Government Contracting
Bidding for Major Contracts? Compliance Requirements You Should Prepare for Now
#WorkforceWednesday: Independent Contractor Rule Reinstated, OFCCP Targets Pay Equity Audits, OSHA Focuses on Health Care Facilities - Employment Law This Week®
Government Contractors: Preparing for OFCCP’s Affirmative Action Program Compliance Certification
On June 6, 2025, President Donald Trump issued Executive Order (E.O.) 14306 to scale back a range of cybersecurity requirements and government-wide approaches implemented by the Biden Administration....more
Cyber-attacks against America’s defense industrial base are becoming more sophisticated and more frequent. To reduce the risk of sensitive national security information landing in the hands of bad actors, the Department of...more
On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more
On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more
On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more
On October 15, 2024, the Department of Defense (“DoD”) published the final version of its rule implementing the Cybersecurity Maturity Model Certification (“CMMC”) Program under Title 32 of the Code of Federal Regulations...more
Cybersecurity Maturity Model Certification (CMMC) is coming — and now appears to be coming faster than many defense contractors believed. In the latest signal of CMMC’s forward momentum, the Department of Defense (DoD) issued...more
The United States Department of Defense (DoD) took another big step on the path to instituting its highly anticipated Cybersecurity Maturity Model Certification 2.0 program (CMMC 2.0). Once finalized, CMMC 2.0 will establish...more
Defense contractors and subcontractors that handle Controlled Unclassified Information (CUI) and do not have robust information-security system controls in place better get their house in order now if they want to do business...more
On December 26, 2023, the Department of Defense (“DoD”) belatedly gifted defense contractors and subcontractors a Proposed Rule on the Cybersecurity Maturity Model Certification (“CMMC”) Program. DoD also released eight CMMC...more
The US Department of Defense (DoD) has issued a proposed rule to implement its long-awaited Cybersecurity Maturity Model Certification program (CMMC 2.0). This proposed rule — released on December 26, 2023, and published in...more
The proposed rule requires contractors to make annual affirmations regarding their cybersecurity maturity, thus increasing their risk of False Claims Act Liability. The proposed rule allows for limited use of Plans of...more
In this series of articles, we explore the different certification requirements of CMMC Level 1, 2 and 3, the impact on contractors and external service providers, and proposed next steps... On December 26, 2023, the US...more
The Department of Defense (DoD) delivered its proposed Cybersecurity Maturity Model Certification Program rule (CMMC) the day after Christmas this year, including several related guidance documents (listed here). The proposed...more
For nearly two years, we have been reporting on this blog about the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program. CMMC is a training, certification, and third-party assessment...more
Each year, Congress presents us in Title VIII of the National Defense Authorization Act (NDAA) a potpourri of procurement reforms, changes, and additions. Some are effective immediately, while some are bound for rulemaking...more
On November 30, 2020, the U.S. Department of Defense (“DoD”) will begin to roll out the new Cybersecurity Maturity Model Certification (“CMMC”) framework that eventually will require all DoD contractors, subcontractors, and...more
A. Introduction and Key Take-Aways - The Department of Defense’s (DOD) Cybersecurity Maturity Model Certification (CMMC) program provides a metric for independent third parties to use in assessing and certifying the...more
- DoD has released the final version of the CMMC framework. - DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more
On January 30, the US Department of Defense (DoD) released version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) framework, which will require DoD contractors and subcontractors to obtain third-party...more