Helping individuals, companies, and organizations understand key legal and practical considerations for promoting compliance and making better business decisions in these types of federal, state, and local government contracting matters MORE

Cyber, Data Security, and Privacy

If you live on the East Coast and tried to get gasoline last week, you already know firsthand of the impacts that a cyber incident can wreck on the supply chain.  As a result of the Colonial Pipeline cyber incident, a ransomware attack that led to the six-day shutdown of a key pipeline for gasoline,

Numerous pieces of legislation and regulation have been issued in recent years to address the increased threats to the supply chain.  We previously reported on the various aspects of the Section 889 ban on the Government and government contractors’ use and delivery of covered Chinese telecommunications and video surveillance equipment, components and services, and the

Recently I participated in the National Defense Industrial Association (NDIA) Cyber Division’s Cyber Law and Policy Committee tabletop exercise on the identification and treatment of Controlled Unclassified Information (CUI) for purposes of compliance with DFARS 252.204-7012, Safeguarding covered defense information and cyber incident reporting, and the new Interim DFARS rules, 252.204-7019 and 252.204-7020, on Basic

If you don’t know about SolarWinds, then you haven’t been reading the news for the past six months. Last October 2020, it was reported that a widely-used networking tool that helps companies in the public and private sectors manage their Information Technology (IT) portfolios – SolarWinds Orion product — had been compromised. Publicly, it has