As called for in the May 12, 2021 Cybersecurity Executive Order (“EO”) released by the Biden Administration (discussed here), NIST met its deadline to release a definition of “critical software” within 45 days of the date of the Order.  The determination of what constitutes “critical software” is a key step in the process set forth in the Order for securing the software supply chain, which will culminate sometime next year in new Federal Acquisition Regulations for contractors that supply software.
Continue Reading Right on Time – NIST Releases Definition of “Critical Software” Per Biden’s Cybersecurity Executive Order

On May 12, 2021, the Biden Administration issued its much anticipated “Executive Order on Improving the Nation’s Cybersecurity.” Below are provisions we believe will be of most interest to contractors, as well as any company that provides information technology (“IT”) and operational technology (“OT”) services, cloud computing, software, or internet of things (“IoT”) technology, as the new regulations and standards called for in the Order are likely to have an impact beyond government contractors.
Continue Reading Biden’s Cybersecurity Executive Order

On January 19, 2021, the Federal Acquisition Regulatory Council published the final rule amending the Federal Acquisition Regulation (“FAR”) in accordance with President Trump’s Executive Order 13881, “Maximizing Use of American-Made Goods, Products, and Materials.” As we discussed in our prior blog articles here (discussing the September 2020 proposed rule) and here (discussing the July 15, 2019 order), the Executive Order required significant changes to the regulations implementing the Buy American Act, 41 U.S.C. §§ 8301-8305 (“BAA”). The final rule varies very little from the September 14, 2020 proposed rule (discussed in greater detail here). Accordingly, the final rule amends applicable FAR clauses with three key impacts:
Continue Reading “Buy (More) American” – Final Rule Implements Changes to the Buy American Act Regulations