Government Contracts & Investigations

Category: Cyber, Data Security, and Privacy

Biden’s Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries

Published on June 9, 2021, President Biden’s Executive Order on Protecting America’s Sensitive Data from Foreign Adversaries is the latest Executive Order seeking to strengthen national security by improving public and private sector capabilities and practices relating to cybersecurity and supply chain risks. As explained in a previous article, the first such Executive Order addressedRead More

Topics: Cyber, Data Security, and Privacy

How Do You Address Solicitation Requirements and Contract Performance After CMMC Rollout?

By

Understanding the requirements for compliance with the interim DFARS rule on basic assessment and compliance with Cybersecurity Maturity Model Certification (CMMC) is not a task for the faint of heart. The rule requires that you accurately report the status of your compliance with the cybersecurity requirements in National Institute of Standards and Technology Special PublicationRead More

Topics: Cyber, Data Security, and Privacy

In the Wake of Colonial Pipeline Cyber Incident, President Issues Executive Order on Improving the Nation’s Cybersecurity – What Will It Do?

By

If you live on the East Coast and tried to get gasoline last week, you already know firsthand of the impacts that a cyber incident can wreck on the supply chain.  As a result of the Colonial Pipeline cyber incident, a ransomware attack that led to the six-day shutdown of a key pipeline for gasoline,Read More

Topics: Cyber, Data Security, and Privacy

Securing the Supply Chain

By

Numerous pieces of legislation and regulation have been issued in recent years to address the increased threats to the supply chain.  We previously reported on the various aspects of the Section 889 ban on the Government and government contractors’ use and delivery of covered Chinese telecommunications and video surveillance equipment, components and services, and theRead More

Topics: Cyber, Data Security, and Privacy, Statutes and Regulations, Supply Chain Risk Management

Controlled Unclassified Information – The Devil Is In The Details

By

Recently I participated in the National Defense Industrial Association (NDIA) Cyber Division’s Cyber Law and Policy Committee tabletop exercise on the identification and treatment of Controlled Unclassified Information (CUI) for purposes of compliance with DFARS 252.204-7012, Safeguarding covered defense information and cyber incident reporting, and the new Interim DFARS rules, 252.204-7019 and 252.204-7020, on BasicRead More

Topics: Cyber, Data Security, and Privacy