On May 22, 2025, the Cybersecurity and Infrastructure Security Agency (“CISA”), which sits within the Department of Homeland Security (“DHS”) released guidance for AI system operators regarding managing data security risks.  The associated press release explains that the guidance provides “best practices for system operators to mitigate cyber risks through

Continue Reading CISA Releases AI Data Security Guidance

In a recent bid protest decision— Digital Force Technologies, Inc., B-423319 (May 19, 2025), the Government Accountability Office (“GAO”) denied a protest of a Small Business Innovation Research (“SBIR”) program Phase III sole source solicitation issued by the Air Force, concluding that the Air Force had properly procured work from a successor-in-interest entity that derives from, extends, or completes efforts under prior SBIR contracts.  Notably, GAO found that a single SBIR-derived component of the overall system to be procured can be a sufficient link to prior SBIR work for an agency to exercise its authority to issue a sole source SBIR Phase III contract.

This decision builds on previous GAO decisions in ASRC Federal Data Network Technologies, LLC, B-418765, Aug. 28, 2020, 2020 CPD ¶ 339 (“ASRC II”)[1] and Toyon Research Corporation, B-409765, Aug. 5, 2014, 2014 CPD ¶ 235, in which GAO had explained that “it must be evident that the requirements for the second effort incorporated original concepts, findings, ideas, or research results that were generated in the first.”[2] 

This blog post briefly summarizes background on the SBIR program and requirements for Phase III sole source awards, as backdrop to GAO’s findings in Digital Force Technologies.  The post then analyzes particular aspects of GAO’s decision suggesting an expansion of existing case law in this area and concludes with a brief discussion of practical considerations for government contractors.Continue Reading Digital Force Technologies, Inc.:  A “SBIR-Derived Component” Can Be Sufficient For SBIR Phase III

The Government Accountability Office (“GAO”) released a report on the Defense Contract Audit Agency’s (“DCAA”) past and future use of private-sector, independent public accountants to augment its auditor workforce. The initiative—approved under Section 803 of the Fiscal Year (“FY”) 2018 National Defense Authorization Act (“NDAA”)—began in fiscal year 2020 and was originally envisioned by Congress as a tool to reduce DCAA’s backlog of incurred cost audits. But, as GAO noted, DCAA had largely eliminated its audit backlog by the end of FY 2018, primarily through its reliance on risk-based sampling methodology, which reduced the number of audits DCAA was required to complete.Continue Reading GAO: DCAA Built a Valuable Bench of Independent Public Accountants, Now What?

On May 19, 2025, Deputy Attorney General Todd Blanche issued a memorandum establishing a DOJ Civil Rights Fraud Initiative.  The Initiative will use the False Claims Act (“FCA”) to “investigate and . . . pursue claims against any recipient of federal funds that knowingly violates federal civil rights laws.”  Educational institutions, federal contractors, grantees, and other entities that receive federal funding should take note of the latest FCA Initiative.  Similar FCA initiatives, such as those focused on collusion and cybersecurity fraud, have resulted in significant related FCA enforcement.Continue Reading Justice Department Establishes Civil Rights Fraud Initiative, Using False Claims Act to Target DEI

This is the third blog in a series of Covington blogs on cybersecurity policies, executive orders (“EOs”), and other actions of the new Trump Administration.  This blog describes key cybersecurity developments that took place in April 2025. 

NIST Publishes Initial Draft of Guidance for High Performance Computing Systems

U.S. National

Continue Reading April 2025 Cybersecurity Developments Under the Trump Administration

This is part of an ongoing series of Covington blogs on the AI policies, executive orders, and other actions of the Trump Administration.  This blog describes AI actions taken by the Trump Administration in April 2025, and prior articles in this series are available here.

White House OMB Issues

Continue Reading April 2025 AI Developments Under the Trump Administration

On April 20th, a bipartisan, bicameral group of lawmakers, including Senator Mark Kelly (D-Ariz.) and Senator Todd Young (R-Ind.) in the Senate and Representative John Garamendi (D-Calif.) and Representative Trent Kelly (R-Miss.) in the House, reintroduced the Shipbuilding and Harbor Infrastructure for Prosperity and Security for America Act of 2025 (the “SHIPS Act” or the “Act”). The SHIPS Act’s sponsors describe the bill as a “comprehensive approach to revitalizing the U.S. Merchant Marine.” It aims to: (1) establish national oversight and consistent funding for U.S. maritime policy; (2) make U.S.-flagged vessels more commercially competitive through de-regulation; (3) rebuild the U.S. shipyard industrial base; and (4) expand and strengthen the maritime labor force. It also sets a goal for establishing a fleet of 250 U.S.-flagged vessels in international commerce.Continue Reading Reintroduced SHIPS Act Signals Continued Momentum for Domestic Maritime Investment

Last Monday, April 28, 2025, the House passed a bill titled Removing Our Unsecure Technologies to Ensure Reliability and Security (“ROUTERS”) Act (H.R. 866), which directs the Secretary of Commerce to study national security risks and cybersecurity vulnerabilities “posed by consumer routers, modems, and devices that combine a modem and router, that are designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the influence of a covered country.”  Similar to some other recent supply chain requirements imposed on federal contractors, the bill defines “covered countries” by reference to 10 U.S.C. 4872, which prohibits the acquisition of sensitive materials from North Korea, Russia, Iran, and China.Continue Reading ROUTERS Act on the Horizon: U.S. House Passes New Legislation

On Friday, May 2, the U.S. government announced further steps in its much-discussed plan to re-write the FAR by establishing a “Revolutionary FAR Overhaul” (“RFO”) website on Acquisition.gov, issuing written guidance to federal agencies, and releasing proposed revisions to FAR Part 1 – Federal Acquisition Regulation System and Part 34 – Major System Acquisition.  This activity comes on the heels of recent presidential directives requiring agencies to examine and reform their approach to procurement of goods and services, including Executive Order (“E.O.”) 14275, “Restoring Common Sense To Federal Procurement,” and E.O. 14271, “Ensuring Commercial, Cost-Effective Solutions in Federal Contracts.”

As anticipated, the FAR re-write is spearheaded by the Office of Federal Procurement Policy (“OFPP”) within the Office of Management and Budget (“OMB”) and the Federal Acquisition Regulatory Council (“FAR Council”).  The RFO website proclaims that the re-write is “the first-ever comprehensive overhaul of the FAR” and aims to “return the FAR to its statutory roots, rewritten in plain language, and remove most non-statutory rules.”  It also will result in “non-regulatory buying guides [to] provide practical strategies grounded in common sense while remaining outside the FAR.”  In short, the goal is characterized as “faster acquisitions, greater competition, and better results.”Continue Reading Early Signs of Progress in the “Revolutionary FAR Overhaul”

On January 21, 2025, President Trump issued Executive Order 14173, titled “Ending Illegal Discrimination and Restoring Merit-Based Opportunity” (“EO 14173”), which, among other things, revoked Executive Order 11246 (“EO 11246”), a 60-year-old Civil Rights-era directive that prohibited federal contractors from discriminating on the basis of race, color, religion, sex

Continue Reading The Executive Order 11246 Grace Period Ends Today (April 21)