Susan Cassidy

Ms. Cassidy represents clients in the defense, intelligence, and information technologies sectors.  She works with clients to navigate the complex rules and regulations that govern federal procurement and her practice includes both counseling and litigation components.  Ms. Cassidy conducts internal investigations for government contractors and represents her clients before the Defense Contract Audit Agency (DCAA), Inspectors General (IG), and the Department of Justice with regard to those investigations.  From 2008 to 2012, Ms. Cassidy served as in-house counsel at Northrop Grumman Corporation, one of the world’s largest defense contractors, supporting both defense and intelligence programs. Previously, Ms. Cassidy held an in-house position with Motorola Inc., leading a team of lawyers supporting sales of commercial communications products and services to US government defense and civilian agencies. Prior to going in-house, Ms. Cassidy was a litigation and government contracts partner in an international law firm headquartered in Washington, DC.

Subscribe to all posts by Susan Cassidy

GSA Hears Comments from Industry About e-Commerce Portals

As part of ongoing efforts to create an online marketplace for government purchasers, GSA officials held a public meeting yesterday to discuss potential market structures and legal requirements. A wide range of stakeholders attended the hearing, responding to questions from GSA on issues such as how many online portals should be implemented, who should have … Continue Reading

DFARS Cyber Rule – What Questions Should Contractors Ask Themselves in the New Year?

[The referenced article was originally published in Law360.] Since August 2015, defense contractors have been on notice that they were required to implement the security controls in National Institute of Standards and Technology (“NIST”) Special Publication (“SP”) 800-171 no later than December 31, 2017 on covered contractor information systems. Although the focus has been on meeting … Continue Reading

NIST Holds Webcast to Discuss Updates to Cybersecurity Framework

On December 20, 2017, the National Institute of Standards and Technology (“NIST”) held a live webcast to discuss the draft updates to the Framework for Improving Critical Infrastructure Cybersecurity (“the Cybersecurity Framework”) and the Roadmap for Improving Critical Infrastructure Cybersecurity (“the Roadmap”). Although the webcast is not currently available online, NIST plans to publish a … Continue Reading

Online Shopping for Government Contracts? GSA Invites Industry to Comment on Its Upcoming e-Commerce Portals

In an effort to create a new online market for government contracts, the General Services Administration (“GSA”) has invited industry to comment on the development and design of e-commerce portals for commercial procurements. GSA’s request for comments will be published tomorrow, December 15, 2017.  This comment period provides a valuable opportunity for contractors to advise … Continue Reading

NIST Releases Updated Draft of Cybersecurity Framework

On December 5, 2017, the National Institute of Standards and Technology (“NIST”) announced the publication of a second draft of a proposed update to the Framework for Improving Critical Infrastructure Cybersecurity (“Cybersecurity Framework”), Version 1.1, Draft 2. NIST has also published an updated draft Roadmap to the Cybersecurity Framework, which “details public and private sector … Continue Reading

NIST Releases New Draft Publication Designed to Assist Contractors In Assessing Compliance with NIST SP 800-171

Ahead of the upcoming December 31, 2017 deadline for federal defense contractors to implement National Institute of Standards and Technology (“NIST”) Special Publication 800-171 (“SP 800-171”), NIST has released a new draft publication designed to assist organizations in assessing compliance under SP 800-171, Draft Special Publication 800-171A, Assessing Security Requirements for Controlled Unclassified Information (“CUI”) … Continue Reading

DoD Class Deviations Allow for Greater Contracting Flexibility in Times of Crisis

The Department of Defense (“DoD”) has issued two Class Deviations that provide defense agencies with greater flexibility when procuring in times of crisis. These Class Deviations allow for the use of simplified acquisition procedures and excuse certain procurement obligations when DoD is responding to a cyber-attack or providing relief in support of domestic or international … Continue Reading

DoD Issues Further Guidance on Implementation of DFARS Cyber Rule

On September 21, 2017, the Director of the Defense Pricing/Defense Procurement and Acquisition Policy (DPAP) issued guidance to Department of Defense (DoD) acquisition personnel in anticipation of the December 31, 2017 date for contractors to implement the security controls of NIST Special Publication (SP) 800-171.  The guidance outlines (i) ways in which a contractor may … Continue Reading

Pentagon Reverses Course and Rolls Back The IR&D Technical Interchange Rule

On September 14, 2017, the Department of Defense issued a new class deviation that eliminates the requirement on major contractors to engage with the Government in technical interchange meeting prior to the generation of independent research and development (IR&D) costs.  This class deviation represents a continuing reversal in position for the Pentagon, which had been … Continue Reading

NIST Releases Fifth Revision of Special Publication 800-53

The National Institute of Standards and Technology (“NIST”) released on August 15, 2017 its proposed update to Special Publication (“SP”) 800-53. NIST SP 800-53, which was last revised in 2014, provides information security standards and guidelines, including baseline control requirements, for implementation on federal information systems under the Federal Information Systems Management Act of 2002 … Continue Reading

Protecting Intellectual Property as Government R&D Funding Rises

The U.S. Government’s research and development (“R&D”) spending is on the rise.  For instance, the U.S. Government spent $139 billion in on R&D in FY 2015 and approximately $148 billion in FY 2016.  It is slated to spend as much as $154 billion on R&D in FY 2017.  With this funding comes great opportunities for … Continue Reading

Six Takeaways from President Trump’s Executive Order on Assessing Manufacturing and the Defense Industrial Base

[This article was originally published in Law360.] On July 21, 2017 – and during “Made in America Week” – President Trump issued Executive Order 13806 on “Assessing and Strengthening the Manufacturing and Defense Industrial Base and Supply Chain Resiliency of the United States” (the “Manufacturing EO”).  The Manufacturing EO sets forth a policy stressing the … Continue Reading

Highlights from DoD Industry Day on DFARS Cyber Rule

The Department of Defense (“DoD”) held an “Industry Information Day” on June 23, 2017 to address questions regarding DFARS Case 2013-D018 “Network Penetration and Reporting for Cloud Services,” including DFARS clauses 252.204-7012 “Safeguarding Covered Defense Information and Cyber Incident Reporting” and 252.239-7010 “Cloud Computing Services.”   DoD’s presentation lasted approximately four hours and covered a wide range of … Continue Reading

USSC Issues RFP For Report On Supply Chain IT Vulnerabilities From China

On May 11, 2017, the U.S. China Economic and Security Review Commission (“Commission”) issued a Request for Proposal to “to provide a one-time unclassified report on supply chain vulnerabilities from China in U.S. federal information technology (IT) procurement.” Congress established the Commission in 2000 to monitor and report to Congress on the national security implications … Continue Reading

Challenges and Priorities for the New Secretary of Labor

Alex Acosta was confirmed by the Senate to be the next Secretary of Labor.  He now takes responsibility for several high-profile issues with critical implications for government contractors. As we have previously written, the Labor Department was an exceptionally active regulator from 2013 through the end of the Obama Administration.  Although few of us expect … Continue Reading

DoD Further Clarifies Its DFARS Cybersecurity Requirements

On January 27, 2017, the Department of Defense (DoD) issued an updated Frequently Asked Questions (FAQ) regarding the application and requirements of DFARS 252.204.7012 Safeguarding Covered Defense Information and Cyber Incident Reporting. Though questions remain regarding various nuances of the rule, the FAQ is a helpful document for those contractors still working on implementation of … Continue Reading

More Cybersecurity Changes Expected for Contractors in 2017

In 2016, the dangers presented by an increasingly digital world clearly were on display. A cyber-attack using an army of Internet of Things devices interfered with the operations of major commercial websites. And the Presidential Election was plagued with allegations of state-sponsored cybersecurity hacking (for which the Obama Administration just issued sanctions against the Russian … Continue Reading

Cybersecurity Update: DoD Releases Long-Awaited Final Rule

On October 21, 2016, the Department of Defense (DoD) issued its long-awaited Final Rule—effective immediately—imposing safeguarding and cyber incident reporting obligations on defense contractors whose information systems process, store, or transmit covered defense information (CDI). The Final Rule has been years in the making and is the culmination of an initial rule issued in November … Continue Reading

DoD Finalizes Rule on Policies for Cyber Incident Reporting

On October 4th, the Department of Defense (DoD) issued a Final Rule implementing mandatory cyber incident reporting requirements for DoD contractors and subcontractors who have “agreements” with DoD.  The Final Rule also highlights DoD’s desire to encourage greater participation in the voluntary Defense Industrial Base (DIB) cybersecurity information sharing program.  This Rule is effective on … Continue Reading

DoD Finalizes Rule Expanding Contractor Rights in Technical Data

DoD has issued a Final Rule that gives added protections to the technical data of privately developed commercial items incorporated into major systems, including major weapon systems.  This rule implements Section 813(a) of the National Defense Authorization Act (NDAA) for Fiscal Year 2016 and modifies 10 U.S.C.§ 2321(f).… Continue Reading

NARA Sets the Stage for a Final FAR Cyber Clause

On September 14, 2016, the National Archives and Record Administration (“NARA”) issued a Final Rule, effective November 13, 2016, establishing cross-agency practices and procedures for safeguarding, disseminating, controlling, destroying, and marking Controlled Unclassified Information (CUI).  Although the Final Rule only applies directly to executive branch agencies that designate or handle information that meets the standards … Continue Reading

DOD Final Rule Addresses Source Requirements and Cost Recovery for Use of Counterfeit Electronic Parts

Supply chain protection has been a point of increasing emphasis by the Government and especially the Department of Defense (“DoD”) in recent years. In no area is this more true than ensuring that Government systems and equipment are free from counterfeit electronic parts, which can raise both security and defect concerns. DoD has accordingly taken several steps, many of which have taken the form of new requirements on contractors, to protect against counterfeit electronic parts. With these requirements has come added risk to contractors that even mistakenly use electronic parts in the goods they sell to DoD. However, an August 30, 2016, final DFARS rule (implemented at DFARS 2301.205-71) seeks to mitigate some of this risk by allowing contractors to recover the cost of replacing counterfeit electronic parts, as long as the contractor has taken certain steps to prevent the use of such parts.… Continue Reading
LexBlog