May 26, 2020

The Verizon 2020 Data Breach Investigations Report ("DBIR") is here.  In this 13th DBIR, Verizon analyzed a record total of 157,525 incidents, of which 32,002 met their quality standards and 3,950 were confirmed data breaches. 

Before we dive into some of the data, here are some helpful definitions:

  • Threat actor: Who is behind the event? This could be the external “bad guy” that launches a phishing campaign or an employee who leaves sensitive documents in their seat-back...

December 16, 2019

The Department of Defense ("DoD") recently published its Draft Cybersecurity Maturity Model Certification ("CMMC") Version 0.7 (dated December 6, 2019). DoD posted the following note with the release:

DoD is releasing this latest version (v0.7) so that the public can review the draft model and begin to prepare for the eventual CMMC roll out. This document includes CMMC Levels 1-5 as well as the associated discussion and clarification for a subset of practices and processes in Appendices B - E.

CMM...

April 2, 2019

Got DoD Cyber Compliance?

For DoD contractors, it appears that DFARS 252.204-7012 (NIST SP 800-171) compliance was just the beginning. Next, DoD will not only begin auditing companies for compliance within the next 18 months but is also in the process of creating "new cybersecurity standards this year."

According to the article, "[t]he new cybersecurity standards will build off of the already existing [NIST SP] 800-171 standards required by the Pentagon."

#GovCon #Cybersecurity

https://federalne...

December 21, 2017

Nowadays, “malware,” “ransomware,” and “hacking” are ubiquitous terms. Take a quick glance at your LinkedIn feed and you might see something related to cybersecurity. Frankly, cybersecurity should be there. The protection of sensitive, personal data is paramount and corporate leaders are taking notice. According to recent surveys by Grant Thornton and the Association of Corporate Counsel, cybersecurity has become a major concern for corporate officers and general counsel.[1] Their concerns aren’...

November 28, 2017

December 31, 2017 marks the deadline for compliance with DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (“Cyber DFARS”).[1] The Cyber DFARS principally requires defense contractors to provide “adequate security” on all “covered contractor information systems”––by implementing NIST SP 800-171 security safeguards––and to comply with cyber incident reporting requirements.[2] While the Department of Defense (“DoD”) has recognized that “[t]here is no single...

November 26, 2017

In 2012, Robert Mueller famously professed, “I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.”[1]  While that statement still rings true five years later, governing bodies are continuing to work diligently to enact laws that place heightened scrutiny on corporate data security measures.[2]  As a result, proactive and reactive data...


About GovConJudicata

Welcome to GovConJudicata, an informational blog/website focusing on government contracts issues, including bid protests (e.g., GAO, COFC), claims, disputes, SBA matters, compliance, regulatory, and cyber (e.g., DFARS, NIST SP 800-171, CMMC).

GovConJudicata is published by Joshua Duvall, managing partner at Matross Edwards, a law firm providing government contracts and cybersecurity legal services to small and mid-sized businesses.


Copyright © 2020 Joshua B. Duvall. All rights reserved.