Photo of Ryan Burnette

Ryan Burnette

Ryan Burnette advises clients on a range of issues related to government contracting. Mr. Burnette has particular experience with helping companies navigate mergers and acquisitions, FAR and DFARS compliance issues, public policy matters, government investigations, and issues involving government cost accounting and the Cost Accounting Standards.  Prior to joining Covington, Mr. Burnette served in the Office of Federal Procurement Policy in the Executive Office of the President, where he worked on government-wide contracting regulations and administrative actions affecting more than $400 billion dollars’ worth of goods and services each year.

On December 23, 2022, President Biden signed the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 into law.  The Act contains two significant prohibitions regarding the procurement and use of semiconductor products and services from specific Chinese companies and other foreign countries of concern that will come into effect in December 2027. 

Continue Reading NDAA Prohibits Government Purchase and Use of Certain Semiconductors

This is the nineteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to

This is the eighteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to

By: Robert Huffman, Susan Cassidy, Michael Wagner, Ryan Burnette, and Emma Merrill

This is the seventeenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and

This is the sixteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to implement the cyber EO from June 2021 through July 2022.  This blog describes key actions taken to implement the Cyber EO during August 2022.

Continue Reading August 2022 Developments Under President Biden’s Cybersecurity Executive Order

On September 14, 2022, the Director of the Office of Management and Budget (“OMB”) issued a memorandum to the heads of executive branch departments and agencies addressing the enhancement of security of the federal software supply chain.  The memorandum applies to all software (other than agency-developed software) developed or experiencing major version changes to be operated “on the agency’s information systems or otherwise affecting the agency’s information,” and requires new self-attestations from software vendors before that software can be used by agencies.  

The memorandum is one among many deliverables stemming from Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  We have covered developments under this Executive Order as part of a series of monthly posts, with the first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to implement the Cyber EO from June 2021 through August 2022.  Key requirements of the memorandum are discussed in more detail below.

Continue Reading OMB Issues Memorandum on Self-Attestations by Software Developers of Secure Software Development Practices and Collection of Software Bill of Materials

This is the fifteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to implement the Cyber EO from June 2021 through June 2022.  This blog describes key actions taken to implement the Cyber EO during July 2022.

Continue Reading July 2022 Developments under President Biden’s Cybersecurity Executive Order

This is the fourteenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various Government agencies to implement the Cyber EO from June 2021 through May 2022.  This blog describes key actions taken to implement the Cyber EO during June 2022.

Continue Reading June 2022 Developments Under President Biden’s Cybersecurity Executive Order

This is the eleventh in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the second through tenth blogs described the actions taken by various Government agencies to implement the EO from June 2021 through February 2022, respectively.  This blog summarizes key actions taken to implement the Cyber EO during March 2022.  As with steps taken during prior months, the actions described below reflect the implementation of the EO within the Government.  However, these activities portend further actions, potentially in or before June 2022, that are likely to impact government contractors, particularly those who provide software products or services to the Government.
Continue Reading March 2022 Developments Under President Biden’s Cybersecurity Executive Order

On March 8, 2022, the Department of Justice announced the first settlement of a case under the Civil Cyber-Fraud Initiative.  Established in October 2021, the Initiative aims to utilize the government’s authority under the civil False Claims Act to pursue alleged instances of fraud and misrepresentation concerning cyber practices.  (We previously wrote about the Initiative here.)  The Initiative has been a point of emphasis in DOJ speeches and public comments in recent months.  This settlement is a milestone in the rollout of the program and confirmation that DOJ intends to take allegations of cyber fraud seriously.
Continue Reading First Settlement of DOJ Civil Cyber-Fraud Initiative