Photo of Nikole Snyder

Nikole Snyder is an associate in the Government Contracts, Investigations and International Trade Practice Group in the firm's Washington, D.C. office.

At long last, the Department of Defense (“DoD”) has provided its interim rule, published in the Federal Register on September 29, 2020, amending the Defense Federal Acquisition Regulation Supplement (“DFARS”) to set forth requirements for the Cybersecurity Maturity Model Certification (“CMMC”) program, as well as new requirements for a “NIST SP 800-171 DoD Assessment Methodology.”  The interim rule is effective November 30, 2020, and comments to the interim rule should be submitted by November 30 as well.  Continue reading for our breakdown of key provisions.
Continue Reading DoD’s Long Awaited Rule on CMMC – Plus a New Cybersecurity Assessment Methodology for Contractors to Start Right Now

On September 10, 2020, the General Services Administration (“GSA”) hosted a webinar related to its implementation of Section 889 of the 2019 NDAA – the ban relating to certain Chinese telecom companies – and associated updated FAR clauses.  (We previously have written about Section 889 here, here, here, and here).  Below we provide highlights from the meeting.  Slides presented at the meeting also are available here.
Continue Reading GSA’s Take on Implementation of Section 889

On July 14, 2020 the Department of Defense (“DoD”), General Services Administration (“GSA”), and the National Aeronautics and Space Administration (“NASA”) published an Interim Rule amending the Federal Acquisition Regulation (“FAR”) in order to implement Section 889(a)(1)(B) of the FY 2019 National Defense Authorization Act (“NDAA”).[1] The Interim Rule is effective August 13, 2020, and applies to all solicitations issued after (or resulting in contracts that will be awarded after) the effective date. Interested parties have until September 14, 2020 to submit written comments for consideration in the formation of the Final Rule.
Continue Reading Interim Rule Confirms Section 889 Part B Restriction on Contractor Use of Chinese Telecom Will Go Into Effect August 2020

A lot has happened since the Department of Defense (“DOD”) released its Cybersecurity Maturity Model Certification (CMMC) v. 1.0 back in February (see our prior discussion here).  In addition to developments with the CMMC Accreditation Body (“CMMC AB”), DOD has clarified applicability of the program to Commercially available off-the-shelf (“COTS”) providers and the impact of COVID-19 on program implementation.     
Continue Reading DOD CMMC Update – Third Party Auditors Gear Up and COTS Providers Get a Pass

On January 30, 2020, the Department of Defense (“DOD”) released its Cybersecurity Maturity Model Certification (“CMMC”) v.1.0, after releasing several draft versions of the document over the past year.  
Continue Reading CMMC Version 1.0: Enhancing DOD’s Supply Chain Cybersecurity

On January 7, 2020, the National Aeronautics and Space Administration (“NASA”) published a proposed rule seeking to amend the NASA Federal Regulation Supplement regarding counterfeit electronic parts. The proposed rule
Continue Reading Let the Seller Beware – NASA’s Proposed Rule Seeks to Limit the Presence of Counterfeit Electronic Parts

On November 6, 2019, the Department of Homeland Security (“DHS”), Cybersecurity & Infrastructure Security Agency (“CISA”) released its Cyber Essentials guide. Consistent with the NIST Cybersecurity Framework, these Cyber
Continue Reading CISA Releases “Cyber Essentials” to Assist Small Businesses