Cybersecurity & Data Privacy | Government Contracts Insights

Topic Archives: Cybersecurity & Data Privacy

September 6, 2019 – Cybersecurity & Data Privacy, Defense

Department of Defense’s Cybersecurity Maturity Model Certification Planning Moves Forward

The Department of Defense (DoD) has taken another step on the path toward full implementation of its Cybersecurity Maturity Model Certification (CMMC) initiative. On September 5, 2019, the Office of the Assistant Secretary of Defense for Acquisition released version 4 of the CMMC and has requested public comment. The CMMC process began early this year ...›

June 26, 2019 – Cybersecurity & Data Privacy, Federal Procurement, Grants, Intellectual Property

Supreme Court Removes “Substantial Competitive Harm” Requirement for Contractors Seeking to Protect Confidential Information from Release Under FOIA

You can rejoice in a recent Supreme Court decision if you have ever spent hours trying to convince a government agency not to release your company’s confidential information to the public in response to a Freedom of Information request. In a reversal of long-standing precedent in federal district and circuit courts, the Supreme Court ruled ...›

May 15, 2019 – Cybersecurity & Data Privacy, Defense, False Claims Act

Federal Court Confirms that Cybersecurity Gaps Can Form the Basis of False Claims Act Violations

Since the Department of Defense (DoD) and other federal agencies began implementing formal cybersecurity requirements for government contractors within the last few years, one lingering question on the minds of federal contractors and subcontractors has been: “What happens if I do not comply?” Firms, including ours, have counseled that breach of contract claims are possible, ...›

October 22, 2018 – Cybersecurity & Data Privacy, Defense

Guidance on Securing Controlled Unclassified Information – Key Takeaways from the NIST CUI Workshop

On October 18, 2018, the National Institutes for Standards and Technology (NIST) hosted a day-long workshop that featured experts from across the government brought in to educate industry representatives and government agency personnel about the security requirements applicable to Controlled Unclassified Information (CUI). Hundreds of attendees, both in person and via webcast, turned out to ...›

January 25, 2018 – Cybersecurity & Data Privacy, Defense

Top Five Government Contractor Cybersecurity Considerations for 2018

Cybersecurity was a major issue for government contractors last year, and remains a hot button topic for 2018. Below we outline the most prominent considerations for the new year: 1. DFAR compliance The hottest cyber topic last year remains front and center. As of January 1, 2018, all Department of Defense (DoD) contractors that store, ...›

January 18, 2018 – Cybersecurity & Data Privacy, Defense

Data Rights Assault: What In The H (clause) Is Going On Here? Air Force Overreaching On OMIT Data

Although the government can obtain unlimited rights in technical data necessary for “operation, maintenance, installation, or training”(OMIT), the government is precluded by law from demanding unlimited OMIT rights in detailed manufacturing and process data or in software developed at private expense. Contractors need to be aware, however, that the Air Force is disregarding this statutory ...›

January 8, 2018 – Cybersecurity & Data Privacy, International Public Procurement

Mandatory Changes Proposed to UK Government Contracts’ Data Privacy Terms

The UK government has announced that it intends to write to all government contractors in order to make unilateral changes to all UK government contracts to comply with impending changes in EU data privacy law. It’s not clear how the UK government intends to implement these contractual changes given that, in almost every case, the ...›

December 12, 2017 – Cybersecurity & Data Privacy

Proposed CFIUS Overhaul Focuses on Cybersecurity and High-Tech Sectors

Recently proposed legislation would substantially overhaul current law governing the Committee on Foreign Investment in the United States (CFIUS) by dramatically expanding CFIUS’ authorities and calling for CFIUS to take cybersecurity and information security into account when authorizing foreign investments in U.S. businesses. Read our client alert. ...›

November 2, 2017 – Announcements & Press, Cybersecurity & Data Privacy, Export Controls & Sanctions, False Claims Act, Foreign Corrupt Practices Act

Missed MoForward 2018? Read Our Recap!

On Thursday, October 26th, Morrison Foerster’s Government Contracts Group held its inaugural MoForward Event at the Tysons Corner Ritz Carlton. The event was a rousing success, reflecting the unique interaction between our deep government contracts bench and our colleagues who have led the government’s and industry’s most significant enforcement and response teams. The full day ...›

October 31, 2017 – Cybersecurity & Data Privacy

So You’re Finally Compliant with the DFARS and NIST Requirements, but Are Your Subcontractors?

As the December 31 deadline for implementation of the NIST special publication 800-171 requirements called for by DFARS 252.204-7012 (“the DFARS cyber clause”) quickly approaches, most DoD prime contractors have taken steps to verify their IT systems’ compliance status and have developed plans of action to address any cybersecurity gaps. Having satisfied their own security ...›