Skip to content

Cybersecurity & Data Privacy

How to Mitigate a Growing Business Risk: Cybersecurity and Liability Coverage

On Behalf of Berenzweig Leonard, LLP | August 11, 2022 | Cybersecurity & Data Privacy

Cyber-attacks can have catastrophic consequences on all areas of a business. But, have no fear— businesses can reduce these risks and mitigate potential financial loss by obtaining strong cyber liability coverage coupled with an emphasis on enhancing cybersecurity posture. Recent Data on Cyber-Attacks A cyber-attack was listed as the top…

CMMC 2.0: The Streamlined and Simplified CMMC Program

On Behalf of Berenzweig Leonard, LLP | January 6, 2022 | Cybersecurity & Data Privacy , Government Contracts

Cybersecurity continues to be a critical issue that is front and center for defense contractors. For the past two years, defense contractors have been preparing for the implementation of the Department of Defense’s (DoD) landmark Cybersecurity Maturity Model Certification (CMMC) program— a cybersecurity training, certification, and third-party assessment program intended…

Another Cybersecurity Plan Leaves Contractors With Questions: DOD Releases Draft Cybersecurity Maturity Model Certification (CMMC) Plan.

On Behalf of Berenzweig Leonard, LLP | September 19, 2019 | Cybersecurity & Data Privacy

Last week, the Department of Defense (DOD) released for comment the first public draft of the Cybersecurity Maturity Model Certification (CMMC) model, CMMC v.04. The looming question on every contractor’s mind is “what does this mean for the other cybersecurity requirements?” The purpose of the CMMC…

Cybersecurity and the False Claims Act – DoD and NASA Cybersecurity Standards Come Front and Center

On Behalf of Berenzweig Leonard, LLP | June 13, 2019 | Cybersecurity & Data Privacy

In a recent decision on a motion to dismiss, a federal district judge in the Eastern District of California served a reminder that the cybersecurity requirements included in federal contracts have some teeth. United States ex rel. Brian Markus v. Aerojet Rocketdyne Holdings, Inc. and Aerojet Rocketdyne, Inc. is…

Arbitration; classwide arbitration; doctrine of contra proferentum

by John W. Polk | May 16, 2019 | Cybersecurity & Data Privacy

LAMPS PLUS, INC. v. VARELA, ___ U.S. ___, No. 17-988 (24 April 2019). The Federal Arbitration Act (FAA), 9 U.S.C. §2, requires courts to enforce arbitration agreements according to their terms.  In Stolt-Nielsen, S.A. v. AnimalFeeds, Int’l Corp., 559 U.S. 662 (2010), the Court held that a court may compel…

The Drumbeat For Federal Privacy Law Grows

On Behalf of Berenzweig Leonard, LLP | March 11, 2019 | Cybersecurity & Data Privacy

Government contractors focused on DoD’s acquisition efforts and other businesses should keep an eye on the smoke signals in Washington rising on privacy.   From GDPR in Europe, to the draft new NIST Privacy Framework, to NTIA’s request for comments on privacy, the legal landscape on this…

DCMA To Audit Contractor Cyber Compliance

On Behalf of Berenzweig Leonard, LLP | February 11, 2019 | Cybersecurity & Data Privacy

Since December 31, 2017, DoD contractors are required to have “implemented” DFARs Clause 252.204-7012 (“Safeguarding Covered Defense Information and Cyber Incident Reporting”) by the implementation of NIST 800-171 on their covered information systems. For most of the past year, contractors have been told they mainly need to have System…

Ruling On Facebook, Free Speech And Public Officials

On Behalf of Berenzweig Leonard, LLP | January 25, 2019 | Cybersecurity & Data Privacy

Davison v. Randall, ___ Fd.3rd ___, U.S. Court of Appeals for the 4th Circuit No. 17-2002 (7 January 2019) First Amendment, free speech clause; Facebook; public official In 2015, Phyllis J. Randall became the chairperson of the Loudoun County Board of Supervisors. After taking office, Randall created a…

New U.S. Privacy Initiatives: NIST Privacy Framework

On Behalf of Berenzweig Leonard, LLP | December 13, 2018 | Cybersecurity & Data Privacy

As government contractors implement the DFARS cybersecurity contract clause (DFARS 252.204-7012) and await the expected Federal Civilian-wide clause, other U.S. companies are figuring out the impact and requirements of the EU General Data Protection Regulation (GDPR). Meanwhile, the U.S. Government (both executive branch and Congress) are moving out smartly…

Navy Raises the Bar on Cyber Compliance

On Behalf of Berenzweig Leonard, LLP | November 16, 2018 | Cybersecurity & Data Privacy

Just this past September, the Navy issued a policy memorandum, effective immediately, entitled “Implementation of Enhanced Security Controls on Select Industrial Base Partner Networks.” It called for stricter cybersecurity requirements under DFARS 252.204-7012 for critical defense contractors (the “7012 Clause”). The memorandum required a new Contract Data Requirement List…