Government Contracts & Investigations

Category: Cyber, Data Security, and Privacy

SEC Issued Proposed Rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure

By

Increasingly, the Federal government implements a rule for government contractors which then makes its way in some form into all of US industry.  Cybersecurity regulations, mandating that government contractors, grant and agreement holders, and their subcontractors, maintain certain security controls and report on cyber incidents, have been in effect for a number of years.  Indeed,Read More

Topics: Cyber, Data Security, and Privacy

Department of Homeland Security Issues “SHIELDS UP” Advisory for All Organizations Regardless of Size

By

This week the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) issued a “SHIELDS UP” advisory.  While it does not identify specific threats in the advisory, CISA states that the “Russian government understands that disabling or destroying critical infrastructure – including power and communications – can augment pressure on a country’s government, militaryRead More

Topics: Cyber, Data Security, and Privacy

A Sea Change in Handling of Government Contractor Cyber Incident Reporting?

By |

In the wake of increasing cybersecurity threats and incidents, the U.S. Department of Defense (DoD) amended its Federal Acquisition Regulation Supplement (DFARS) in 2015 to issue the 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting clause (DFARS clause).  The DFARS clause, which is included in all DoD solicitations and contracts, including those for acquisitionsRead More

Topics: Cyber, Data Security, and Privacy, Fraud, False Claims, and False Statements, Government Contracts

Biden’s Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries

Published on June 9, 2021, President Biden’s Executive Order on Protecting America’s Sensitive Data from Foreign Adversaries is the latest Executive Order seeking to strengthen national security by improving public and private sector capabilities and practices relating to cybersecurity and supply chain risks. As explained in a previous article, the first such Executive Order addressedRead More

Topics: Cyber, Data Security, and Privacy

How Do You Address Solicitation Requirements and Contract Performance After CMMC Rollout?

By

Understanding the requirements for compliance with the interim DFARS rule on basic assessment and compliance with Cybersecurity Maturity Model Certification (CMMC) is not a task for the faint of heart. The rule requires that you accurately report the status of your compliance with the cybersecurity requirements in National Institute of Standards and Technology Special PublicationRead More

Topics: Cyber, Data Security, and Privacy