Last week, the Department of Defense (DOD) released for comment the first public draft of the Cybersecurity Maturity Model Certification (CMMC) model, CMMC v.04. The looming question on every contractor’s mind is “what does this mean for the other cybersecurity...
In a recent decision on a motion to dismiss, a federal district judge in the Eastern District of California served a reminder that the cybersecurity requirements included in federal contracts have some teeth. United States ex rel. Brian Markus v. Aerojet Rocketdyne...
LAMPS PLUS, INC. v. VARELA, ___ U.S. ___, No. 17-988 (24 April 2019). The Federal Arbitration Act (FAA), 9 U.S.C. §2, requires courts to enforce arbitration agreements according to their terms. In Stolt-Nielsen, S.A. v. AnimalFeeds, Int’l Corp., 559 U.S. 662 (2010),...
Government contractors focused on DoD’s acquisition efforts and other businesses should keep an eye on the smoke signals in Washington rising on privacy. From GDPR in Europe, to the draft new NIST Privacy Framework, to NTIA’s request for comments on privacy, the...
Since December 31, 2017, DoD contractors are required to have “implemented” DFARs Clause 252.204-7012 (“Safeguarding Covered Defense Information and Cyber Incident Reporting”) by the implementation of NIST 800-171 on their covered information systems. For most of the...
Davison v. Randall, ___ Fd.3rd ___, U.S. Court of Appeals for the 4th Circuit No. 17-2002 (7 January 2019) First Amendment, free speech clause; Facebook; public official In 2015, Phyllis J. Randall became the chairperson of the Loudoun County Board of Supervisors....
As government contractors implement the DFARS cybersecurity contract clause (DFARS 252.204-7012) and await the expected Federal Civilian-wide clause, other U.S. companies are figuring out the impact and requirements of the EU General Data Protection Regulation (GDPR)....
Just this past September, the Navy issued a policy memorandum, effective immediately, entitled “Implementation of Enhanced Security Controls on Select Industrial Base Partner Networks.” It called for stricter cybersecurity requirements under DFARS 252.204-7012 for...
The European Union’s new, rigorous privacy rules, the General Data Protection Regulation (GPDR), continue to wash across the U.S. legal and regulatory landscape and impact U.S. based government contractors. The latest to join the movement are our friends at the...
Now that electronic signatures are becoming common-place, government contractors need to know what qualifies as a valid electronic signature in procurement. An offer that is not properly signed could easily show that the offeror did not intent to be bound by its offer...
