Topic Archives: Cybersecurity & Data Privacy

November 23, 2020Cybersecurity & Data Privacy

Deadline Fast Approaching for DoD Contractors and Subcontractors to Report Cyber Compliance

As we previously reported, the Department of Defense (DoD) has issued an interim rule that requires all contractors and subcontractors that store, process, generate, transmit or access “covered defense information” to conduct a self- assessment of compliance with NIST SP 800-171 using the DoD Assessment Methodology.  Contractors must post their self-assessment scores on the Defense ...›

November 3, 2020Cybersecurity & Data Privacy

Breaking DOD’s Code: How to Figure Out and Resist What DOD Really, Truly Wants to Do to Your Data Rights

Your rights in technical data and software are at greater risk today than at any time during the last 25 years.  The Department of Defense (“DOD”) is proposing the authority to rewrite commercial software licenses in ways never before seen and guaranteed to be rejected by your software suppliers, as well as proposing authority to ...›

FCA

U.S. District Court for the District of Columbia Finds That Alleged Cybersecurity Vulnerability Is Not Material Under False Claims Act

In a decision sure to bring some comfort to contractors providing information technology equipment and services to the federal government, a U.S. district court judge recently granted a motion to dismiss a False Claims Act (FCA) suit, finding that the relator both failed to establish materiality under the FCA and failed to prove the necessary scienter on the part of the contractor. ...›

September 30, 2020Cybersecurity & Data Privacy

Department of Defense Issues CMMC Interim Rule, Setting up a Two-Part Process for Review of Contractor IT Systems

On September 29, 2020, the Department of Defense (DoD) issued a long-anticipated interim rule implementing its Cybersecurity Maturity Model Certification (CMMC) program.  The rule introduces a new mandatory construct, the DoD Assessment Methodology, to serve as an interim certification process before contractors undergo a full CMMC review.  A full description of the interim rule and ...›

Department of Defense March Towards CMMC Continues

Although, as of late, the coronavirus and its impact have been top of mind for government contractors and, indeed, the entire world, the Department of Defense (DoD) has continued undeterred with its planned implementation of the Cybersecurity Maturity Model Certification (CMMC) program.  Below we highlight some recent developments, preview upcoming activities pertaining to CMMC, and ...›

Cyber Preparedness for Government Contractors: Opportunistic Hackers and the COVID-19 Pandemic

The COVID-19 pandemic has disrupted operations across the globe as government agencies and corporations grapple with the implications of remote work, workforce and workplace limitations, and employee health and safety.  But while this worldwide crisis has introduced new complexities and challenges, it also has presented an opportunity for hackers seeking to capitalize on the pandemic ...›

February 3, 2020Cybersecurity & Data Privacy

Department of Defense Takes a More Gradual Approach to Cybersecurity Maturity Model Certification

On January 31, 2020, the Department of Defense (DoD) issued the widely anticipated final version (v.1) of its Cybersecurity Maturity Model Certification (CMMC) Model. The version followed seven drafts and multiple rounds of comments from the contracting community. In the lead up to the release, DoD representatives walked back the timing for full implementation of ...›

January 7, 2020Cybersecurity & Data Privacy

A Watershed Moment in Cybersecurity for Government Contractors – Anticipated Impacts of the Department of Defense’s Cybersecurity Maturity Model Certification Program

As 2020 begins, one of the biggest changes facing contractors working with the U.S. Department of Defense (“DoD”) is the implementation of DoD’s enhanced cybersecurity regulations, known as the Cybersecurity Maturity Model Certification (“CMMC”) program. CMMC has the potential to be a game changer as cybersecurity becomes a gating item in connection with the contract ...›

September 6, 2019Cybersecurity & Data Privacy, Defense

Department of Defense’s Cybersecurity Maturity Model Certification Planning Moves Forward

The Department of Defense (DoD) has taken another step on the path toward full implementation of its Cybersecurity Maturity Model Certification (CMMC) initiative. On September 5, 2019, the Office of the Assistant Secretary of Defense for Acquisition released version 4 of the CMMC and has requested public comment. The CMMC process began early this year ...›