Susan B. Cassidy

Ms. Cassidy represents clients in the defense, intelligence, and information technologies sectors.  She works with clients to navigate the complex rules and regulations that govern federal procurement and her practice includes both counseling and litigation components.  Ms. Cassidy conducts internal investigations for government contractors and represents her clients before the Defense Contract Audit Agency (DCAA), Inspectors General (IG), and the Department of Justice with regard to those investigations.  From 2008 to 2012, Ms. Cassidy served as in-house counsel at Northrop Grumman Corporation, one of the world’s largest defense contractors, supporting both defense and intelligence programs. Previously, Ms. Cassidy held an in-house position with Motorola Inc., leading a team of lawyers supporting sales of commercial communications products and services to US government defense and civilian agencies. Prior to going in-house, Ms. Cassidy was a litigation and government contracts partner in an international law firm headquartered in Washington, DC.

Subscribe to all posts by Susan B. Cassidy

DoD Announces the Cybersecurity Maturity Model Certification (CMMC) Initiative

By Susan B. Cassidy, Melinda Lewis and Weiss Nusraty on Posted in Cybersecurity, Defense Industry, Government Contracts Regulatory Compliance
The Department of Defense (“DoD”) recently announced the development of the ”Cybersecurity Maturity Model Certification” (“CMMC”), a framework aimed at assessing and enhancing the cybersecurity posture of the Defense Industrial Base (“DIB”), particularly as it relates to controlled unclassified information (“CUI”) within the supply chain. The Office of the Under Secretary of Defense for Acquisition … Continue Reading

NIST Announces and Seeks Public Comment on 800-171 Update and Related Documents

By Susan B. Cassidy, Ashden Fein, Moriah Daugherty and Melinda Lewis on Posted in Cybersecurity
On June 19, 2019, the National Institute of Standards and Technology (“NIST”) announced the long-awaited update to Special Publication (“SP”) 800-171 Rev. 1, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, which includes three separate but related documents.… Continue Reading

Senate Armed Services Subcommittee on Cybersecurity Holds Hearing to Discuss the Responsibilities of the Defense Industrial Base

By Susan B. Cassidy, Zachary Mears, Samantha Clark and Weiss Nusraty on Posted in Cybersecurity, Defense Industry, Government Contracts Regulatory Compliance, Supply Chain
On March 26, 2019, the Senate Armed Services’ Subcommittee on Cybersecurity held a hearing to receive testimony assessing how the Department of Defense’s (“DOD”) cybersecurity policies and regulations have affected the Defense Industrial Base (“DIB”). To gain a better understanding of the DIB’s cybersecurity concerns, the Subcommittee invited William LaPlante, Senior Vice President and General … Continue Reading

Keeping Up With DoD Cybersecurity Compliance Demands

By Susan B. Cassidy, Ian Brekke and Weiss Nusraty on Posted in Cybersecurity, Defense Industry, Government Contracts Regulatory Compliance
(This article was originally published in Law360 and has been modified for this blog.) On Jan. 21, 2019, Ellen Lord, the Under Secretary of Defense for Acquisition and Sustainment, issued a memorandum focused on assessing contractor compliance with the DFARS cyber clause via audits of a Contractor’s purchasing system.[1]  One intent of this guidance is … Continue Reading

When Compliance Is Not Enough: OIG Seeks Voluntary Refund Despite Contractor’s Adherence to “TINA” Requirements

By Michael Wagner, Susan B. Cassidy and Ryan Burnette on Posted in Defense Industry, Government Contracts Regulatory Compliance, Procurement Policy, Procurement Reform
On February 25, 2019, the Office of Inspector General (“OIG”) for the Department of Defense (“DoD”) issued an audit report analyzing the prices of spare aviation parts purchased by the Defense Logistics Agency (“DLA”) and the Army from TransDigm Group, Inc. (“TransDigm”).  The audit was conducted in response to letters from certain Members of Congress, … Continue Reading

DoD Continues to Up the Ante on Cybersecurity Compliance for Contractors

By Susan B. Cassidy and Ian Brekke on Posted in Cybersecurity, Defense Industry, Government Contracts Regulatory Compliance, Information Technology Contracting
Compliance with the security controls in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 is only the beginning for contractors that receive controlled defense information (CDI) in performance of Department of Defense (DoD) contracts and subcontracts.  Faced with an evolving cyber threat, DoD contractors have experienced an increased emphasis on protecting DoD’s … Continue Reading

Surviving the Shutdown: Seven Things Contractors Should Consider If a Cost Overrun Is on the Horizon

By Susan B. Cassidy, Frederic Levy and Evan R. Sherwood on Posted in Claims and Contract Disputes, Costs, Government Contracts Regulatory Compliance
The U.S. Government shutdown is now the longest in U.S. history and is starting to have serious implications for Government contractors.  One of many key concerns arises when contractors approach their contract funding ceiling — can they continue to work, and what happens if there is a cost overrun?[1] The answers are often complicated for both … Continue Reading

Jumping to Exclusions: New Law Provides Government-Wide Exclusion Authorities to Address Supply Chain Risks

By Susan B. Cassidy and Ian Brekke on Posted in Cybersecurity, Defense Industry, Information Technology Contracting, Supply Chain
On the eve of the recent government shutdown over border security, Congress and the President were in agreement on a different issue of national security:  mitigating supply chain risk.  On December 21, 2018, the President signed into law the Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act (the “SECURE Technology Act”) (P.L. 115-390).  … Continue Reading

DoD Issues Final Guidance for Assessing Contractor Compliance with NIST SP 800-171

By Susan B. Cassidy and Ian Brekke on Posted in Cybersecurity, Defense Industry, Government Contracts Regulatory Compliance, Information Technology Contracting
The Department of Defense (DoD) recently issued final guidance for requiring activities to assess contractors’ System Security Plans (SSPs) and their implementation of the security controls in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171.  A draft of this guidance was made available for public comment in April 2018.  As noted in … Continue Reading

“Economic Security Is National Security”: Key Takeaways from the Defense Industrial Base Report

By Zachary Mears, Susan B. Cassidy and Jeff Bozman on Posted in Defense Industry
(This article was originally published in Law360 and has been modified for this blog.) Peter Navarro, assistant to the president for trade and manufacturing policy, recently offered in a New York Times op-ed that “[a] strong manufacturing base is critical to both economic prosperity and national defense.” The Trump Administration’s maxim that “economic security is … Continue Reading

2018 DoD Cyber Strategy: The DoD Defends Forward While the DIB Must Defend its Cyber Practices

By Susan B. Cassidy and Ian Brekke on Posted in Cybersecurity, Defense Industry
The Department of Defense (“DoD”) recently released the summary of its cyber strategy for 2018.  The 2018 DoD Cyber Strategy, which replaces the DoD’s 2015 cyber strategy, is focused broadly on “defending forward,” shaping day-to-day competition, and preparing for conflict.  But the strategy includes items that are sure to be of interest to contractors and … Continue Reading

Takeaways From DoD’s Proposed Changes to Commercial Item Contracting

By Susan B. Cassidy and Alexis N. Dyschkant on Posted in Commercial Items, COTS, Defense Industry, Government Contracts Regulatory Compliance, Procurement Policy, Procurement Reform, Subcontracting
[This article was originally published in Law360 and has been modified for the blog.] Over the summer, pursuant to Section 874 of the FY 2017 National Defense Authorization Act (“NDAA”)[1], the Department of Defense (“DoD”) issued a proposed rule[2] to exclude the application of certain laws and regulations to the acquisition of commercial items, including … Continue Reading

NIST to Host CUI Information Security Workshop

By Susan B. Cassidy on Posted in Cybersecurity, Defense Industry, Information Technology Contracting
The National Institute of Standards and Technology (NIST), in coordination with the Department of Defense (DoD) and the National Archives and Records Administration (NARA), will host a Workshop providing an overview of Controlled Unclassified Information (CUI) on October 18, 2018. The agenda for the Workshop shows a full day of panels, including those addressing DoD’s “Safeguarding Covered Defense Information … Continue Reading

Covington Artificial Intelligence Update: Department of Defense Establishes Joint Artificial Intelligence Center

By Susan B. Cassidy, Calvin Cohen and Zachary Mears on Posted in Artificial Intelligence (AI), Defense Industry
In a memorandum issued June 27, 2018, Deputy Secretary of Defense Patrick Shanahan ordered the establishment of the Joint Artificial Intelligence Center (“JAIC”) within DoD.  The JAIC will report to DoD Chief Information Officer (“CIO”) Dana Deasey and has the “overarching goal of accelerating the delivery of AI-enabled capabilities, scaling the Department-wide impact of AI, … Continue Reading

Covington Artificial Intelligence Update: GAO Testimony Before Congress Regarding Emerging Opportunities, Challenges, and Implications for Policy and Research with Artificial Intelligence

By Calvin Cohen and Susan B. Cassidy on Posted in Artificial Intelligence (AI)
Timothy M. Persons, GAO Chief Scientist Applied Research and Methods, recently provided testimony on artificial intelligence (“AI”) before the House of Representatives’ Subcommittees on Research and Technology and Energy, Committee on Science, Space, and Technology.  Specifically, his testimony summarized a prior GAO technological assessment on AI from March 2018.  Persons’ statement addressed three areas:  (1) … Continue Reading

DoD Seeks Streamlined Procurements of Innovative Technologies – Other Transaction Agreements and the Commercial Solutions Opening Pilot Program

By Susan B. Cassidy, Jennifer Plitsch and Tyler Evans on Posted in Defense Industry, Government Contracts Regulatory Compliance, Intellectual Property, NDAA, Procurement Reform
The Department of Defense (DoD) has once again emphasized its willingness to engage with commercial companies and other non-traditional contractors to try to expedite and simplify its procurement of innovative technologies. In particular, the Defense Information Systems Agency (DISA) indicated that it plans to enter directly into Other Transaction Authority (OTA) agreements, and DoD issued a … Continue Reading

Senate Armed Services Committee Proposes Expansive but Unclear Software Review Provisions

By Jeff Bozman, Zachary Mears, Susan B. Cassidy, David Fagan, Frederic Levy and Heather Finstuen on Posted in Cybersecurity, Defense Industry, Government Contracts Regulatory Compliance, NDAA
As the Senate approaches the end of its debate on the National Defense Authorization Act for Fiscal Year 2019, provisions of the bill regarding access to and review of information technology code deserve close attention.  These sections, if enacted, would significantly impact Department of Defense contractors and also would affect matters associated with investments subject … Continue Reading

Congress Aims to Redefine the “Subcontract”

By Susan B. Cassidy on Posted in Commercial Items, Government Contracts Regulatory Compliance, NDAA, Procurement Policy, Procurement Reform, Subcontracting
[Updated August 13, 2018] If an agreement qualifies as a “subcontract” under a government contract, then it may be subject to certain flow-down, compliance, and reporting requirements.  These requirements are intended to protect the government’s interests, and have significant ramifications for contractors, e.g., increasing transaction costs, expanding potential areas of exposure.  These compliance obligations and … Continue Reading

DoD Final Rule to Promote Post-Award Disclosure of Defective Pricing Arms Contractors with Potentially Impactful Information

By Susan B. Cassidy and Bryan Byrd on Posted in Costs, DCAA, Defense Industry, Government Contracts Regulatory Compliance
On May 4, 2018, the Department of Defense (“DoD”) issued a final rule amending the Defense Federal Acquisition Regulation Supplement (“DFARS”) to state that, in the interest of promoting voluntary disclosures of defective pricing identified by contractors after contract award, DoD contracting officers have more discretion to determine the scope of the involvement of the … Continue Reading

Draft DoD Guidance on SSPs and NIST SP 800-171 – Impact on Bid Protests and Ongoing Contract Performance

By Susan B. Cassidy, Jay Carey and Kayleigh Scalzo on Posted in Audits, Bid Protests, Claims and Contract Disputes, Cybersecurity, False Claims Act, Uncategorized
On April 24, 2018, the Department of Defense (DoD) issued a Notice and Request for Comment on draft guidance that DoD proposes for assessing contractors’ System Security Plans (SSPs) and their implementation of the security controls in NIST Special Publication (SP) 800-171. This includes assessments as part of source selection decisions and during contract performance. DFARS … Continue Reading

Department of Homeland Security Secretary Kirstjen Nielsen Proposes “More Forward-Leaning Posture” for Federal Government in Cybersecurity

By Susan B. Cassidy and Calvin Cohen on Posted in Cybersecurity
On April 17, 2018, Department of Homeland Security (DHS) Secretary Kirstjen Nielsen delivered a keynote address at the RSA Conference.  A copy of her prepared remarks is available here.  Secretary Nielsen’s remarks highlighted efforts by DHS to address the evolving cybersecurity threats to our country’s critical infrastructure. Secretary Nielsen set the stage by describing the … Continue Reading

If Shulkin Didn’t Resign, Who Runs the VA Until a New Secretary Is Confirmed? A Vacancies Act Puzzle

By Susan B. Cassidy, Jennifer Plitsch, Michael Wagner and Evan R. Sherwood on Posted in Government Contracts Regulatory Compliance, Health Care Contracting, Multiple Award Schedule Contracting, Procurement Policy, Uncategorized
Recent news reports have raised a substantial question about who has authority to run the Department of Veterans Affairs (“VA”) in the wake of Dr. David Shulkin’s departure from the agency.  According to the White House, Dr. Shulkin resigned.  Meanwhile, Dr. Shulkin himself has publicly insisted that he did not resign and was instead fired. … Continue Reading

GSA Unveils Plan for Commercial Online Shopping Portal

By Susan B. Cassidy, Jennifer Plitsch, Michael Wagner and Evan R. Sherwood on Posted in Commercial Items, Multiple Award Schedule Contracting
Following instructions from Congress to create a new online shopping system leveraging existing commercial practices, the General Services Administration (“GSA”), in coordination with the Office of Management and Budget (“OMB”), has released an implementation plan (“Plan”) to begin e-commerce purchases by 2019.  As discussed in a previous blog post, GSA’s Plan is a first step … Continue Reading

NIST Seeks to Assist Contractors in Assessing SP 800-171 Compliance

By Susan B. Cassidy on Posted in Cybersecurity, Government Contracts Regulatory Compliance, Information Technology Contracting
Late last month, the National Institute of Standards and Technology (“NIST”) released a set of documents for public comment that are aimed at helping contractors assess and implement compliance with NIST Special Publication (“SP”) 800-171, which establishes the standards for protecting Covered Defense Information (“CDI”), among other forms of Controlled Unclassified Information (“CUI”). First, NIST … Continue Reading
LexBlog