Anyone who has been closely following the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program knows the effort has experienced a fair number of complications and delays. ForContinue Reading Updated Timeline for CMMC Implementation
Updated as of May 24, 2022
The United States is engaging in a new form of warfare. Russia invaded Ukraine just over two months ago and, rather than join the fight directly by sending troops to defend Ukraine, the United States is fighting indirectly by engaging in unprecedented financial warfare against the Russian Federation. The initial export and sanctions actions were swift and severe – but somewhat expected. As the invasion persists, the U.S. Federal Government and individual States also have begun to leverage procurement policy to amplify the financial harm to Russia. This Guide will try to help make sense of the current efforts targeting Russia, the potential impact to government contractors, and proactive steps to mitigate risk.…
On April 18, 2022, the Biden Administration (through the Office of Management and Budget (“OMB”)) issued OMB Memorandum M-22-11 (the “Guidance”) relating to the “Buy America” sourcing requirements under the “Build America, Buy America” portion of the Infrastructure Investment and Jobs Act (“IIJA”), Pub. L. No. 117-58, §§ 70901-70953. The Act aimed to strengthen Made in America Laws in accordance with President Biden’s Executive Order 14005, “Ensuring the Future is Made in America by All of America’s Workers” (discussed previously here). In addition to tasking the Federal Acquisition Regulatory Council with amending FAR regulations for the Buy American Act (“BAA”), Congress also imposed new “Buy America” requirements on federal infrastructure programs.
Continue Reading “Build America, Buy America” – New Guidelines Issued for U.S. Infrastructure Projects
Over a year after the Biden Administration issued Executive Order 14005 on “Ensuring the Future is Made in America by All of America’s Workers,” (discussed previously here) the Federal Acquisition Regulatory Council (“FAR Council”) has published a Final Rule (87 Fed. Reg. 12780) implementing changes to the Buy American Act (“BAA”) regulations at FAR Subpart 25.1 and 25.2. These new rules require (eventually) for federal agencies to procure end items manufactured in the United States that are at least 75% domestic content – a drastic increase from the current 55% domestic content requirement. Surprised? You shouldn’t be. We’ve been expecting this rule for a while now. What is a surprise is the effective date – October 25, 2022. The FAR Council wants to give companies a little time for the new rule to sink in and for companies to assess their supply chains to ensure that they can comply with the new thresholds. Companies are well advised to take advantage of this “transition period” between now and October 2022 to get their ducks in a row.
Continue Reading Few Surprises – New Rule Implementing Biden’s “Made in America” Changes the Buy American Act Effective October 2022
The National Institute of Standards and Technology (“NIST”) is seeking comments on its second draft of NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on October 28, 2021. We previously discussed the release of the first draft here. The public comment period currently is open and concludes on December 3, 2021. NIST anticipates releasing a final version during the third quarter of 2022.
Continue Reading Seeking HoNIST Opinions, Part II – NIST Invites Comments on Major Revision to Cyber Supply Chain Risk Management Practices and Software Guidelines Mandated By Cybersecurity Executive Order
Change is in the air for the Buy American Act (“BAA”). On July 30, 2021, the Federal Acquisition Regulatory Council published a proposed rule to the Federal Acquisition Regulation (“FAR”) to implement President Biden’s Executive Order 14005, on “Ensuring the Future is Made in America by All of America’s Workers,” which seeks to further strengthen U.S. Buy American laws and further encourage domestic procurement (previously discussed here). A public meeting to discuss the proposed rule is scheduled for August 26, 2021, and comments will be due September 28, 2021. This blog article summarizes the new BAA proposed rule, offering a primer in advance of the public meeting next week and the public comment deadline next month. Yes, folks – change is in the air. Fasten your seatbelts; we may encounter some turbulence ahead.
Continue Reading Fasten Your Seatbelts – Proposed Rule Implementing Biden’s “Buy American” Mandates
In February 2021, President Biden issued Executive Order 14017, “Executive Order on America’s Supply Chains” (discussed here), requiring (among other things) a report within 100-days requiring key government agencies to assess vulnerabilities and consider potential improvements to supply chains in four critical industries – (i) semiconductor manufacturing; (ii) high capacity batteries; (iii) rare earth elements; and (iv) pharmaceuticals.
Continue Reading At a Glance: White House 100-Day Supply Chain Report
The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on April 29, 2021. The public comment period currently is open and concludes on June 14, 2021. NIST anticipates releasing a second draft in September 2021, with a final version anticipated to be released by April 2022.
Continue Reading Seeking HoNIST Opinions – NIST Invites Comments on Major Revision to Cyber Supply Chain Risk Management Practices for Systems and Organizations (SP 800-161) and Provides Further Software Supply Chain Guidance
The Biden Administration has taken (at least temporarily) the teeth out of a Trump-era Executive Order that directed the government to “Buy American” for essential drugs and medical devices. President…
Continue Reading “Buy American” Update: Essential Medicines May Continue to Come From Abroad (For Now)
On February 24, 2021, President Biden signed Executive Order 14017, “Executive Order on America’s Supply Chains,” requiring a review of global supply chains that support key U.S. industries in an attempt to improve supply chain security for the U.S. government and U.S. companies. The new Executive Order appears to be an initial step focused on information gathering. Comprehensive reforms and supply chain strategies are likely to follow once the White House has collected key information.
Continue Reading Finding the Weak Links – President Biden Executive Order Demands Review of Critical U.S. Supply Chains
The United States is taking increasingly aggressive actions to prohibit imports from China that may have been produced by forced labor. According to the U.S. Department of Labor, China has…
Continue Reading Forced Labor and Supply Chains: A Complete Ban on Goods from Xinjiang or Additional WROs on the Horizon?