January 31, 2020

Later today, the Department of Defense will release version 1.0 of its Cybersecurity Maturity Model Certification ("CMMC").  With the CMMC moving full steam ahead, several new pieces of information (below) have come to light regarding the timing of when the CMMC will appear DoD solicitations and the CMMC Accreditation Body's ("CMMC-AB") efforts to train the third-party assessors who will be performing CMMC assessments.

Given that this recent news might caus...

October 2, 2019

Today, the Department of Defense ("DoD"), General Services Administration ("GSA"), and the National Aeronautics and Space Administration ("NASA") have published a proposed rule to amend the Federal Acquisition Regulation ("FAR") to provide limitations on the use of lowest price technically acceptable ("LPTA") source selection procedures. 

Notably, this rule comes on the heels of DoD's recent final rule (discussed here) amending the Defense Federal Acquisition Regulation Supplement ("DFARS"), whic...

September 26, 2019

Today, the Department of Defense ("DoD") issued a final rule amending the Defense Federal Acquisition Regulation Supplement ("DFARS") to implement portions of the FY2017 and FY2018 National Defense Authorization Act ("NDAA"), which provide limitations and prohibitions on DoD's use of lowest price technically acceptable ("LPTA") source selection process. 

Effective Date:  October 1, 2019

Quick Observations

  • The intent of t...

June 23, 2019

The Department of Defense (DoD) will likely publish a draft Cybersecurity Maturity Model Certification (CMMC) standard sometime this summer (see here and here). While much focus has been on how the CMMC will help shore up defense industrial base (DIB) cybersecurity—i.e., as the enforcement mechanism for DFARS 7012/NIST SP 800-171 compliance via third-party audits––DoD also must address the process of how agency personnel will select the CMMC “go/no-go” threshold for set-aside procureme...

June 8, 2019

DoD to propose Cybersecurity Maturity Model Certification (CMMC)––via third-party audit––and it will add another layer to defense contractor cybersecurity compliance.

It appears that the CMMC will be comprised of five levels, ranging from basic to "State-of-the-Art." In addition, the article reports that, "DoD contracts will require specific levels — and awards will be 'go/no-go' based on the contractor’s certification status."

. . .

Article: https://sera-brynn.com/pentagon-to-unveil-new-cybersec...

April 2, 2019

Got DoD Cyber Compliance?

For DoD contractors, it appears that DFARS 252.204-7012 (NIST SP 800-171) compliance was just the beginning. Next, DoD will not only begin auditing companies for compliance within the next 18 months but also DoD is in the process of creating "new cybersecurity standards this year."

According to the article, "[t]he new cybersecurity standards will build off of the already existing [NIST SP] 800-171 standards required by the Pentagon."

#GovCon #Cybersecurity

https://federalne...

November 28, 2017

December 31, 2017 marks the deadline for compliance with DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (“Cyber DFARS”).[1] The Cyber DFARS principally requires defense contractors to provide “adequate security” on all “covered contractor information systems”––by implementing NIST SP 800-171 security safeguards––and to comply with cyber incident reporting requirements.[2] While the Department of Defense (“DoD”) has recognized that “[t]here is no single...

Please reload

About GovConJudicata

Welcome to GovConJudicata an informational blog/website focusing on government contracts issues, including bid protests (e.g., GAO, COFC), claims, disputes, SBA matters, compliance, regulatory, and cyber (e.g., DFARS, NIST SP 800-171, CMMC).

GovConJudicata is published by Joshua Duvall, managing partner at Matross Edwards, a law firm providing government contracts and cybersecurity legal services to small and mid-sized businesses.

Contact Matross Edwards
Search By Tags
Please reload

Connect
  • LinkedIn
  • Twitter
  • Podcast
  • Spotify
  • TuneIn
  • Apple

Copyright © 2020 Joshua B. Duvall. All rights reserved.

GovConJudicata™ #govconjudicata

CyberJudicata™ #cyberjudicata

LegalJudicata™ #legaljudicata