As previously discussed on this blog, the National Defense Authorization Act for Fiscal Year 2017 and the NDAA for Fiscal Year 2018 imposed new limitations on when the Department of Defense can use Lowest Price Technically Acceptable source selection methods. Just last month, the Department of Defense issued a final rule amending the Defense Federal Acquisition Regulation Supplement to … Continue Reading
On November 7, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.6 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment. The CMMC was created in response to growing concerns by Congress and within DoD over the increased presence of cyber threats and intrusions aimed at the Defense Industrial … Continue Reading
Almost a year after Assistant Secretary of the Navy James Geurts issued his September 28, 2018 memorandum (Geurts Memo) imposing enhanced security controls on “critical” Navy programs, the Navy has issued an update to the Navy Marine Corps Acquisition Regulations Supplement (NMCARS) to implement those changes more formally across the Navy. Pursuant to this update, a new … Continue Reading
On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment. The CMMC was created in response to growing concerns by Congress and within DoD over the increased presence of cyber threats and intrusions aimed at the Defense Industrial … Continue Reading
The House of Representatives passed its version of the FY2020 National Defense Authorization Act (“NDAA”) last week. The headline story was the remarkably close, party-line vote: in contrast to past years, the bill received no Republican votes, and eight Democratic Members voted against it. Those partisan dynamics obscured the inclusion of two important amendments – … Continue Reading
The Department of Defense (“DoD”) recently announced the development of the ”Cybersecurity Maturity Model Certification” (“CMMC”), a framework aimed at assessing and enhancing the cybersecurity posture of the Defense Industrial Base (“DIB”), particularly as it relates to controlled unclassified information (“CUI”) within the supply chain. The Office of the Under Secretary of Defense for Acquisition … Continue Reading
In the latest step towards delivering on the long-promised “Procurement Through Commercial e-Commerce Portals” program, the General Services Administration has announced plans to build a proof-of-concept for federal online shopping, aiming to issue an RFP by the end of the year for web-based acquisition platforms.… Continue Reading
On March 26, 2019, the Senate Armed Services’ Subcommittee on Cybersecurity held a hearing to receive testimony assessing how the Department of Defense’s (“DOD”) cybersecurity policies and regulations have affected the Defense Industrial Base (“DIB”). To gain a better understanding of the DIB’s cybersecurity concerns, the Subcommittee invited William LaPlante, Senior Vice President and General … Continue Reading
(This article was originally published in Law360 and has been modified for this blog.) On Jan. 21, 2019, Ellen Lord, the Under Secretary of Defense for Acquisition and Sustainment, issued a memorandum focused on assessing contractor compliance with the DFARS cyber clause via audits of a Contractor’s purchasing system.[1] One intent of this guidance is … Continue Reading
On February 25, 2019, the Office of Inspector General (“OIG”) for the Department of Defense (“DoD”) issued an audit report analyzing the prices of spare aviation parts purchased by the Defense Logistics Agency (“DLA”) and the Army from TransDigm Group, Inc. (“TransDigm”). The audit was conducted in response to letters from certain Members of Congress, … Continue Reading
The Section 809 Panel recently concluded its monumental analysis of defense acquisition law and regulations and released its third volume of recommended changes. As we have written previously, the Panel’s work stands out from previous acquisition reform efforts with the appendices of detailed legislative and regulatory changes that accompany the commissioners’ analysis and recommendations. Given … Continue Reading
On February 12, 2019 the Department of Defense released a summary and supplementary fact sheet of its artificial intelligence strategy (“AI Strategy”). The AI Strategy has been a couple of years in the making as the Trump administration has scrutinized the relative investments and advancements in artificial intelligence by the United States, its allies and … Continue Reading
Compliance with the security controls in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 is only the beginning for contractors that receive controlled defense information (CDI) in performance of Department of Defense (DoD) contracts and subcontracts. Faced with an evolving cyber threat, DoD contractors have experienced an increased emphasis on protecting DoD’s … Continue Reading
On the eve of the recent government shutdown over border security, Congress and the President were in agreement on a different issue of national security: mitigating supply chain risk. On December 21, 2018, the President signed into law the Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act (the “SECURE Technology Act”) (P.L. 115-390). … Continue Reading
(This article was originally published in Law360 and has been modified for this blog.) The Government Accountability Office (GAO) recently issued a bid protest decision regarding the application of the Berry Amendment’s domestic sourcing requirement to a U.S. Department of Defense (DOD) solicitation for leather combat gloves with touchscreen capability. In that decision, the GAO … Continue Reading
(This article was originally published in Law360 and has been modified for this blog.) Government contractors undergoing an asset transaction know all too well the peculiarity and uncertainty associated with the transfer of a U.S. government contract through the required novation process. In two recent decisions, the Government Accountability Office considered the impact of such … Continue Reading
The Department of Defense (DoD) recently issued final guidance for requiring activities to assess contractors’ System Security Plans (SSPs) and their implementation of the security controls in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171. A draft of this guidance was made available for public comment in April 2018. As noted in … Continue Reading
The Department of Defense (“DoD”) has proposed a new rule limiting the use of “brand name or equal” contract competitions, calling on contracting officers to publicly justify their need for a brand name-type product before issuing a solicitation. The rule would implement Section 888(a) of the National Defense Authorization Act of 2017, which directed the … Continue Reading
(This article was originally published in Law360 and has been modified for this blog.) Peter Navarro, assistant to the president for trade and manufacturing policy, recently offered in a New York Times op-ed that “[a] strong manufacturing base is critical to both economic prosperity and national defense.” The Trump Administration’s maxim that “economic security is … Continue Reading
This post first appeared on Covington’s Global Policy Watch blog on September 7, 2018 Generating and sustaining the United States’ global economic and military superiority over more than the last half century has depended on a dominant U.S. global economic position and perpetual technological innovation. The United States has increasingly relied on a global industrial … Continue Reading
The Department of Defense (“DoD”) recently released the summary of its cyber strategy for 2018. The 2018 DoD Cyber Strategy, which replaces the DoD’s 2015 cyber strategy, is focused broadly on “defending forward,” shaping day-to-day competition, and preparing for conflict. But the strategy includes items that are sure to be of interest to contractors and … Continue Reading
[This article was originally published in Law360 and has been modified for the blog.] Over the summer, pursuant to Section 874 of the FY 2017 National Defense Authorization Act (“NDAA”)[1], the Department of Defense (“DoD”) issued a proposed rule[2] to exclude the application of certain laws and regulations to the acquisition of commercial items, including … Continue Reading
The National Institute of Standards and Technology (NIST), in coordination with the Department of Defense (DoD) and the National Archives and Records Administration (NARA), will host a Workshop providing an overview of Controlled Unclassified Information (CUI) on October 18, 2018. The agenda for the Workshop shows a full day of panels, including those addressing DoD’s “Safeguarding Covered Defense Information … Continue Reading
In a memorandum issued June 27, 2018, Deputy Secretary of Defense Patrick Shanahan ordered the establishment of the Joint Artificial Intelligence Center (“JAIC”) within DoD. The JAIC will report to DoD Chief Information Officer (“CIO”) Dana Deasey and has the “overarching goal of accelerating the delivery of AI-enabled capabilities, scaling the Department-wide impact of AI, … Continue Reading
