Government Contracts & Investigations

Category: Cyber, Data Security, and Privacy

New Changes to the ITAR Focus on Unclassified Technical Data And the release of “Access Information”

By

As part of its years-long project to update and revise the International Traffic in Arms Regulations (ITAR) and better align them with the Export Control Regulations, the Department of State (DoS) recently amended the ITAR with an interim rule to address another group of amendments first proposed in June of 2015. The new rule definesRead More

Topics: Cyber, Data Security, and Privacy, Export Controls, Sanctions and CFIUS, International, Battlefield and Contingency Contracting, Statutes and Regulations

Securing the Supply Chain – CMMC Draft Version 0.7 Issued

By

Last month we reported on the Department of Defense’s (DoD’s) issuance of Version 0.6 of its draft Cybersecurity Maturity Model Certification (CMMC) standard. That draft included DoD updates and revisions to CMMC’s domains, capabilities and practices for Levels 1 through 3. It deferred revisions to those parts of CMMC covering Levels 4 and 5. OnRead More

Topics: Bid Protests and the Contracting Process, Contract Administration, Cyber, Data Security, and Privacy, Ethics and Compliance

DoD Issues Revised Draft Cyber Security Model Certification to Address Levels 1 Through 3

By

Previously we reported on the Department of Defense (‘DoD”) efforts to develop a Cybersecurity Maturity Model Certification (“CMMC”) program to verify the status of contractor cybersecurity and compliance. The CMMC program contemplates that third party auditors will be qualified and retained to review and certify contractors and suppliers at all tiers on their levels ofRead More

Topics: Cyber, Data Security, and Privacy

Navy-Marine Corps Issue Supplement to DFARS Cybersecurity Rule

By

In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant additional cybersecurity compliance, monitoring and reporting requirements, as well as identify potential penalties for contractor noncompliance with cybersecurity requirements or delivery ofRead More

Topics: Cyber, Data Security, and Privacy

DoD Rolls Out Draft Cybersecurity Maturity Model Certification Framework To Validate Contractor Cybersecurity Compliance

By

Comments Due September 25, 2019 Earlier this year, Assistant Secretary of Defense for Acquisition & Logistics Kevin Fahey announced that the Department of Defense (“DoD”) was working with Carnegie Mellon University and Johns Hopkins Applied Physics Laboratory to develop a new cybersecurity standard and certification framework for defense contractors, the Cybersecurity Maturity Model Certification (“CMMC”).Read More

Topics: Cyber, Data Security, and Privacy