Susan B. Cassidy

Ms. Cassidy represents clients in the defense, intelligence, and information technologies sectors. She works with clients to navigate the complex rules and regulations that govern federal procurement and her practice includes both counseling and litigation components. Ms. Cassidy conducts internal investigations for government contractors and represents her clients before the Defense Contract Audit Agency (DCAA), Inspectors General (IG), and the Department of Justice with regard to those investigations. From 2008 to 2012, Ms. Cassidy served as in-house counsel at Northrop Grumman Corporation, one of the world’s largest defense contractors, supporting both defense and intelligence programs. Previously, Ms. Cassidy held an in-house position with Motorola Inc., leading a team of lawyers supporting sales of commercial communications products and services to US government defense and civilian agencies. Prior to going in-house, Ms. Cassidy was a litigation and government contracts partner in an international law firm headquartered in Washington, DC.

Subscribe to all posts by Susan B. Cassidy

NIST to Host CUI Information Security Workshop

The National Institute of Standards and Technology (NIST), in coordination with the Department of Defense (DoD) and the National Archives and Records Administration (NARA), will host a Workshop providing an overview of Controlled Unclassified Information (CUI) on October 18, 2018. The agenda for the Workshop shows a full day of panels, including those addressing DoD’s “Safeguarding Covered Defense Information … Continue Reading

Covington Artificial Intelligence Update: Department of Defense Establishes Joint Artificial Intelligence Center

By Susan B. Cassidy, Calvin Cohen and Zachary Mears on July 16, 2018 Posted in Artificial Intelligence (AI), Defense Industry

In a memorandum issued June 27, 2018, Deputy Secretary of Defense Patrick Shanahan ordered the establishment of the Joint Artificial Intelligence Center (“JAIC”) within DoD. The JAIC will report to DoD Chief Information Officer (“CIO”) Dana Deasey and has the “overarching goal of accelerating the delivery of AI-enabled capabilities, scaling the Department-wide impact of AI, … Continue Reading

Covington Artificial Intelligence Update: GAO Testimony Before Congress Regarding Emerging Opportunities, Challenges, and Implications for Policy and Research with Artificial Intelligence

By Calvin Cohen and Susan B. Cassidy on July 11, 2018 Posted in Artificial Intelligence (AI)

Timothy M. Persons, GAO Chief Scientist Applied Research and Methods, recently provided testimony on artificial intelligence (“AI”) before the House of Representatives’ Subcommittees on Research and Technology and Energy, Committee on Science, Space, and Technology. Specifically, his testimony summarized a prior GAO technological assessment on AI from March 2018. Persons’ statement addressed three areas: (1) … Continue Reading

DoD Seeks Streamlined Procurements of Innovative Technologies – Other Transaction Agreements and the Commercial Solutions Opening Pilot Program

By Susan B. Cassidy, Jennifer Plitsch and Tyler Evans on July 3, 2018 Posted in Defense Industry, Government Contracts Regulatory Compliance, Intellectual Property, NDAA, Procurement Reform

The Department of Defense (DoD) has once again emphasized its willingness to engage with commercial companies and other non-traditional contractors to try to expedite and simplify its procurement of innovative technologies. In particular, the Defense Information Systems Agency (DISA) indicated that it plans to enter directly into Other Transaction Authority (OTA) agreements, and DoD issued a … Continue Reading

Senate Armed Services Committee Proposes Expansive but Unclear Software Review Provisions

By Jeff Bozman, Zachary Mears, Susan B. Cassidy, David Fagan, Frederic Levy and Heather Finstuen on June 15, 2018 Posted in Cybersecurity, Defense Industry, Government Contracts Regulatory Compliance, NDAA

As the Senate approaches the end of its debate on the National Defense Authorization Act for Fiscal Year 2019, provisions of the bill regarding access to and review of information technology code deserve close attention. These sections, if enacted, would significantly impact Department of Defense contractors and also would affect matters associated with investments subject … Continue Reading

Congress Aims to Redefine the “Subcontract”

By Justin Ganderson and Susan B. Cassidy on June 14, 2018 Posted in Commercial Items, Government Contracts Regulatory Compliance, NDAA, Procurement Policy, Procurement Reform, Subcontracting

[Updated June 19, 2018] If an agreement qualifies as a “subcontract” under a government contract, then it may be subject to certain flow-down, compliance, and reporting requirements. These requirements are intended to protect the government’s interests, and have significant ramifications for contractors, e.g., increasing transaction costs, expanding potential areas of exposure. These compliance obligations and … Continue Reading

DoD Final Rule to Promote Post-Award Disclosure of Defective Pricing Arms Contractors with Potentially Impactful Information

By Susan B. Cassidy and Bryan Byrd on May 8, 2018 Posted in Costs, DCAA, Defense Industry, Government Contracts Regulatory Compliance

On May 4, 2018, the Department of Defense (“DoD”) issued a final rule amending the Defense Federal Acquisition Regulation Supplement (“DFARS”) to state that, in the interest of promoting voluntary disclosures of defective pricing identified by contractors after contract award, DoD contracting officers have more discretion to determine the scope of the involvement of the … Continue Reading

Draft DoD Guidance on SSPs and NIST SP 800-171 – Impact on Bid Protests and Ongoing Contract Performance

By Susan B. Cassidy, Jay Carey and Kayleigh Scalzo on April 25, 2018 Posted in Audits, Bid Protests, Claims and Contract Disputes, Cybersecurity, False Claims Act, Uncategorized

On April 24, 2018, the Department of Defense (DoD) issued a Notice and Request for Comment on draft guidance that DoD proposes for assessing contractors’ System Security Plans (SSPs) and their implementation of the security controls in NIST Special Publication (SP) 800-171. This includes assessments as part of source selection decisions and during contract performance. DFARS … Continue Reading

Department of Homeland Security Secretary Kirstjen Nielsen Proposes “More Forward-Leaning Posture” for Federal Government in Cybersecurity

By Susan B. Cassidy and Calvin Cohen on April 24, 2018 Posted in Cybersecurity

On April 17, 2018, Department of Homeland Security (DHS) Secretary Kirstjen Nielsen delivered a keynote address at the RSA Conference. A copy of her prepared remarks is available here. Secretary Nielsen’s remarks highlighted efforts by DHS to address the evolving cybersecurity threats to our country’s critical infrastructure. Secretary Nielsen set the stage by describing the … Continue Reading

If Shulkin Didn’t Resign, Who Runs the VA Until a New Secretary Is Confirmed? A Vacancies Act Puzzle

By Susan B. Cassidy, Jennifer Plitsch, Michael Wagner and Evan R. Sherwood on April 3, 2018 Posted in Government Contracts Regulatory Compliance, Health Care Contracting, Multiple Award Schedule Contracting, Procurement Policy, Uncategorized

Recent news reports have raised a substantial question about who has authority to run the Department of Veterans Affairs (“VA”) in the wake of Dr. David Shulkin’s departure from the agency. According to the White House, Dr. Shulkin resigned. Meanwhile, Dr. Shulkin himself has publicly insisted that he did not resign and was instead fired. … Continue Reading

GSA Unveils Plan for Commercial Online Shopping Portal

By Susan B. Cassidy, Jennifer Plitsch, Michael Wagner and Evan R. Sherwood on March 20, 2018 Posted in Commercial Items, Multiple Award Schedule Contracting

Following instructions from Congress to create a new online shopping system leveraging existing commercial practices, the General Services Administration (“GSA”), in coordination with the Office of Management and Budget (“OMB”), has released an implementation plan (“Plan”) to begin e-commerce purchases by 2019. As discussed in a previous blog post, GSA’s Plan is a first step … Continue Reading

NIST Seeks to Assist Contractors in Assessing SP 800-171 Compliance

By Susan B. Cassidy and Patrick Stanton on March 12, 2018 Posted in Cybersecurity, Government Contracts Regulatory Compliance, Information Technology Contracting

Late last month, the National Institute of Standards and Technology (“NIST”) released a set of documents for public comment that are aimed at helping contractors assess and implement compliance with NIST Special Publication (“SP”) 800-171, which establishes the standards for protecting Covered Defense Information (“CDI”), among other forms of Controlled Unclassified Information (“CUI”). First, NIST … Continue Reading

DHS Cybersecurity Legislation Advances Through Capitol Hill

By Raymond Biagini, Susan B. Cassidy and Calvin Cohen on March 9, 2018 Posted in Cybersecurity, SAFETY Act

Earlier this week, both chambers on Capitol Hill took steps that would increase the Department of Homeland Security’s (DHS) role in the area of cybersecurity. On the Senate side, the Senate Homeland Security and Governmental Affairs Committee approved a DHS reauthorization bill that included amendments to rename and reorganize the DHS National Protection and Programs … Continue Reading

Latest NIST Draft Report a Call to Action for Federal Agencies and Private Companies

By Susan B. Cassidy and Priscilla Fasoro on February 26, 2018 Posted in Cybersecurity, Internet of Things (IoT)

Inflection Point for IoT In a relatively short amount of time, the adoption of the Internet of Things (IoT) and its applications — from smart cars to the myriad of interconnected sensors in the General Service Administration building reminiscent of HAL 9000 from 2001: A Space Odyssey — has rapidly proliferated, providing significant opportunities and … Continue Reading

DIUx and DoD Other Transaction Prototype Agreements: The Fast Track to DoD Funding

By Susan B. Cassidy, Jennifer Plitsch and Tyler Evans on February 22, 2018 Posted in Defense Industry, Information Technology Contracting, Intellectual Property

On February 7, the Department of Defense (DoD) awarded REAN Cloud a contract valued at up to $950 million to work with defense agencies to migrate existing applications to commercial cloud solutions. The award is of significant relevance to efforts currently underway in connection with the upcoming DoD Joint Enterprise Defense Infrastructure—or “JEDI”—procurement. However, the … Continue Reading

Changes Coming to the FAR: Government Proposes New Rules on Data Breaches, Cost Evaluation of IDIQ Proposals, and Overseas Small Business Contracting

By Susan B. Cassidy and Evan R. Sherwood on January 30, 2018 Posted in Government Contracts Regulatory Compliance, Procurement Policy

Federal contractors may be subject to a slate of new regulations in 2018, including rules that increase cyber reporting burdens, expand small business competition, and change the procedures for competitively awarding IDIQ contracts. Among the proposed rules, announced in the Semiannual Regulatory Agenda of the FAR Council and the General Services Administration (“GSA”), are changes … Continue Reading

GSA Hears Comments from Industry About e-Commerce Portals

By Susan B. Cassidy, Jennifer Plitsch, Michael Wagner and Evan R. Sherwood on January 10, 2018 Posted in Commercial Items, Government Contracts Regulatory Compliance

As part of ongoing efforts to create an online marketplace for government purchasers, GSA officials held a public meeting yesterday to discuss potential market structures and legal requirements. A wide range of stakeholders attended the hearing, responding to questions from GSA on issues such as how many online portals should be implemented, who should have … Continue Reading

DFARS Cyber Rule – What Questions Should Contractors Ask Themselves in the New Year?

By Susan B. Cassidy and Catlin Meade on January 5, 2018 Posted in Cybersecurity

[The referenced article was originally published in Law360.] Since August 2015, defense contractors have been on notice that they were required to implement the security controls in National Institute of Standards and Technology (“NIST”) Special Publication (“SP”) 800-171 no later than December 31, 2017 on covered contractor information systems. Although the focus has been on meeting … Continue Reading

NIST Holds Webcast to Discuss Updates to Cybersecurity Framework

By Susan B. Cassidy and Moriah Daugherty on December 20, 2017 Posted in Cybersecurity

On December 20, 2017, the National Institute of Standards and Technology (“NIST”) held a live webcast to discuss the draft updates to the Framework for Improving Critical Infrastructure Cybersecurity (“the Cybersecurity Framework”) and the Roadmap for Improving Critical Infrastructure Cybersecurity (“the Roadmap”). Although the webcast is not currently available online, NIST plans to publish a … Continue Reading

Online Shopping for Government Contracts? GSA Invites Industry to Comment on Its Upcoming e-Commerce Portals

By Susan B. Cassidy, Jennifer Plitsch and Evan R. Sherwood on December 14, 2017 Posted in Commercial Items, Government Contracts Regulatory Compliance

In an effort to create a new online market for government contracts, the General Services Administration (“GSA”) has invited industry to comment on the development and design of e-commerce portals for commercial procurements. GSA’s request for comments will be published tomorrow, December 15, 2017. This comment period provides a valuable opportunity for contractors to advise … Continue Reading

NIST Releases Updated Draft of Cybersecurity Framework

By Susan B. Cassidy and Moriah Daugherty on December 8, 2017 Posted in Cybersecurity

On December 5, 2017, the National Institute of Standards and Technology (“NIST”) announced the publication of a second draft of a proposed update to the Framework for Improving Critical Infrastructure Cybersecurity (“Cybersecurity Framework”), Version 1.1, Draft 2. NIST has also published an updated draft Roadmap to the Cybersecurity Framework, which “details public and private sector … Continue Reading

DoD Updates Internal Guidance on DFARS Cyber Rule

By Susan B. Cassidy and Evan R. Sherwood on December 5, 2017 Posted in Cybersecurity, Defense Industry, Privacy, Procurement Policy

The Department of Defense (“DoD”) has updated portions of its internal guidance addressing compliance with the requirements of Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.204-7012, “Safeguarding Covered Defense Information and Cyber Incident Reporting.”… Continue Reading

NIST Releases New Draft Publication Designed to Assist Contractors In Assessing Compliance with NIST SP 800-171

By Susan B. Cassidy, Ashden Fein and Moriah Daugherty on December 4, 2017 Posted in Cybersecurity, Government Contracts Regulatory Compliance

Ahead of the upcoming December 31, 2017 deadline for federal defense contractors to implement National Institute of Standards and Technology (“NIST”) Special Publication 800-171 (“SP 800-171”), NIST has released a new draft publication designed to assist organizations in assessing compliance under SP 800-171, Draft Special Publication 800-171A, Assessing Security Requirements for Controlled Unclassified Information (“CUI”) … Continue Reading

DoD Class Deviations Allow for Greater Contracting Flexibility in Times of Crisis

By Susan B. Cassidy on November 21, 2017 Posted in Biodefense, Commercial Items, Contingency Contracting & Stability Operations, Cybersecurity, Defense Industry, Government Contracts Regulatory Compliance

The Department of Defense (“DoD”) has issued two Class Deviations that provide defense agencies with greater flexibility when procuring in times of crisis. These Class Deviations allow for the use of simplified acquisition procedures and excuse certain procurement obligations when DoD is responding to a cyber-attack or providing relief in support of domestic or international … Continue Reading