Topic Archives: Cybersecurity & Data Privacy

Department of Defense March Towards CMMC Continues

Although, as of late, the coronavirus and its impact have been top of mind for government contractors and, indeed, the entire world, the Department of Defense (DoD) has continued undeterred with its planned implementation of the Cybersecurity Maturity Model Certification (CMMC) program.  Below we highlight some recent developments, preview upcoming activities pertaining to CMMC, and ...›

Cyber Preparedness for Government Contractors: Opportunistic Hackers and the COVID-19 Pandemic

The COVID-19 pandemic has disrupted operations across the globe as government agencies and corporations grapple with the implications of remote work, workforce and workplace limitations, and employee health and safety.  But while this worldwide crisis has introduced new complexities and challenges, it also has presented an opportunity for hackers seeking to capitalize on the pandemic ...›

February 3, 2020Cybersecurity & Data Privacy

Department of Defense Takes a More Gradual Approach to Cybersecurity Maturity Model Certification

On January 31, 2020, the Department of Defense (DoD) issued the widely anticipated final version (v.1) of its Cybersecurity Maturity Model Certification (CMMC) Model. The version followed seven drafts and multiple rounds of comments from the contracting community. In the lead up to the release, DoD representatives walked back the timing for full implementation of ...›

January 7, 2020Cybersecurity & Data Privacy

A Watershed Moment in Cybersecurity for Government Contractors – Anticipated Impacts of the Department of Defense’s Cybersecurity Maturity Model Certification Program

As 2020 begins, one of the biggest changes facing contractors working with the U.S. Department of Defense (“DoD”) is the implementation of DoD’s enhanced cybersecurity regulations, known as the Cybersecurity Maturity Model Certification (“CMMC”) program. CMMC has the potential to be a game changer as cybersecurity becomes a gating item in connection with the contract ...›

September 6, 2019Cybersecurity & Data Privacy, Defense

Department of Defense’s Cybersecurity Maturity Model Certification Planning Moves Forward

The Department of Defense (DoD) has taken another step on the path toward full implementation of its Cybersecurity Maturity Model Certification (CMMC) initiative. On September 5, 2019, the Office of the Assistant Secretary of Defense for Acquisition released version 4 of the CMMC and has requested public comment. The CMMC process began early this year ...›


Supreme Court Removes “Substantial Competitive Harm” Requirement for Contractors Seeking to Protect Confidential Information from Release Under FOIA

You can rejoice in a recent Supreme Court decision if you have ever spent hours trying to convince a government agency not to release your company’s confidential information to the public in response to a Freedom of Information request. In a reversal of long-standing precedent in federal district and circuit courts, the Supreme Court ruled ...›

Federal Court Confirms that Cybersecurity Gaps Can Form the Basis of False Claims Act Violations

Since the Department of Defense (DoD) and other federal agencies began implementing formal cybersecurity requirements for government contractors within the last few years, one lingering question on the minds of federal contractors and subcontractors has been:  “What happens if I do not comply?”  Firms, including ours, have counseled that breach of contract claims are possible, ...›

October 22, 2018Cybersecurity & Data Privacy, Defense

Guidance on Securing Controlled Unclassified Information – Key Takeaways from the NIST CUI Workshop

On October 18, 2018, the National Institutes for Standards and Technology (NIST) hosted a day-long workshop that featured experts from across the government brought in to educate industry representatives and government agency personnel about the security requirements applicable to Controlled Unclassified Information (CUI).  Hundreds of attendees, both in person and via webcast, turned out to ...›