Effective August 25, 2022, the U.S. Department of Defense (“DoD”) has issued two new changes to the Defense Federal Acquisition Regulation Supplement (“DFARS”) reinforcing national defense priorities that limit DoDContinue Reading In the Interest of National Security – Two New DFARS Rules Reinforce Increased Scrutiny For Chinese-Origin Supply Chains
Lillia Damalouji is an associate in the Governmental Practice in the firm's Washington D.C. office. Lillia is licensed in Maryland, pending admission in Washington, D.C., working under the supervision of a D.C. Bar member.
NIST Wants Your Input – Updating NIST’s Controlled Unclassified Information (CUI) Guidelines
On July 19, 2022, the National Institute of Standards and Technology (NIST) released a Pre-Draft Call for Comments, seeking feedback on improving its Controlled Unclassified Information (CUI) series of publications. The comment period currently is open and scheduled to close on September 16, 2022. …
Continue Reading NIST Wants Your Input – Updating NIST’s Controlled Unclassified Information (CUI) Guidelines
DOJ Announces Civil Cyber-Fraud Initiative To Enforce Contractor Cybersecurity Compliance
On Wednesday, October 6, 2021, the Department of Justice (“DOJ”) announced a new Civil Cyber-Fraud Initiative to enforce cybersecurity standards and reporting requirements. The Initiative will use DOJ’s civil enforcement mechanisms, namely the False Claims Act, to pursue government contractors and federal grant recipients that “knowingly provid[e] deficient cybersecurity products or services, knowingly misrepresent their cybersecurity practices or protocols, or knowingly violat[e] obligations to monitor and report cybersecurity incidents and breaches.” DOJ will not limit enforcement to entities; individuals also can be held accountable for cybersecurity-related fraud. Under the False Claims Act, penalties for such violations could be substantial, including treble damages.
Continue Reading DOJ Announces Civil Cyber-Fraud Initiative To Enforce Contractor Cybersecurity Compliance
Moving to Zero Trust – CISA and OMB Seek Comments on Zero Trust Publications and Cloud Security Technical Reference Architecture under Cybersecurity Executive Order
The Office of Management and Budget (“OMB”) released its draft Federal Zero Trust Strategy under President Biden’s Executive Order on Improving the Nation’s Cybersecurity (No. 14028) (discussed previously here and…
Continue Reading Moving to Zero Trust – CISA and OMB Seek Comments on Zero Trust Publications and Cloud Security Technical Reference Architecture under Cybersecurity Executive Order
Watch Your Boundaries – FedRAMP Releases Draft Authorization Boundary Guidance for Public Comment
The FedRAMP Program Management Office is seeking comments on its draft FedRAMP Authorization Boundary Guidance, Version 2.0, released on July 13, 2021. The public comment period currently is open and closes on September 13, 2021.
Continue Reading Watch Your Boundaries – FedRAMP Releases Draft Authorization Boundary Guidance for Public Comment