Inside DOJ’s New Cyber-Fraud InitiativeThe Department of Justice (DOJ) recently announced the launch of the Civil Cyber-Fraud Initiative, which will utilize the False Claims Act (FCA) to pursue cybersecurity-related fraud by government contractors and grant recipients. Key features of and takeaways from this new initiative are discussed below.

Key Features 

  • The initiative aims to hold accountable entities or individuals

NISPOM Codified as Regulation; JPAS Retiring SoonIf your business holds a U.S. security clearance — or is in the process of applying for one — take note of two big changes at the Defense Counterintelligence and Security Agency (DCSA). First, after more than 25 years, the National Industrial Security Program Operating Manual (NISPOM) is now being codified in the Code of

DoD Has Two New Cybersecurity FrameworksA recent interim rule from the Department of Defense (DoD) would create a new self-assessment methodology for the cybersecurity requirements in NIST SP 800-171. The same rule also would implement the Cybersecurity Maturity Model Certification (CMMC) Framework. The interim rule, which was published on September 29, 2020, will become effective on November 30, 2020.

Cybersecurity Health & Compliance: Best Practices in Commercial Business & Government ContractingLearn how to protect critical data assets through basic cybersecurity hygiene, including email and password security and social media best practices. Other topics to be addressed include insider thread preparedness, cybersecurity and privacy issues in the remote work environment. In addition, government regulations and compliance topics, such as the coming Cybersecurity Maturity Model Certification and

Struggle Creates Innovation: Technology and Data Privacy for ContractorsAs the coronavirus (COVID-19) spread around the world, most businesses were forced to close their doors temporarily and take steps towards working virtually. However, the U.S. construction industry, deemed “essential” by nearly every stay-at-home order issued throughout the country, kept operating and kept building. After all, construction does not occur “virtually.” While many viewed the

CISA Updates Guidance on Essential Critical Infrastructure Workers; More States Issue Stay-at-Home OrdersOver the weekend, the Cybersecurity & Infrastructure Security Agency (CISA) issued updated guidance expounding on its classification of workers who are essential to the nation’s critical infrastructure viability during the COVID-19 crisis. As discussed in our previous alert and blog post, CISA has identified 16 key infrastructure sectors that should continue operations to protect

DFARS / CMMC for 2020: Culmination of Efforts to Protect National Security Data and Networks 2020 Cybersecurity Requirements for Government Contractors

In 2016, the U.S. Department of Defense (DoD) issued a Defense Federal Acquisition Regulation Supplement (DFARs) intended to better protect defense data and networks. Beginning in 2017, DoD began issuing a series of memoranda to further enhance protection of defense data and networks via Cybersecurity Maturity Model Certification (CMMC).

Cybersecurity Violations Potentially Actionable under the False Claims ActA California federal court recently allowed a relator’s False Claims Act suit against two federal contractors to proceed where the relator’s allegations centered on purported noncompliance with federal cybersecurity requirements. As discussed below, this case should serve as a wake-up call to federal contractors, as it not only confirms that perceived noncompliance with federal cybersecurity