On November 27, 2019, the Department of Commerce issued a proposed rule to implement the May 15, 2019 Executive Order entitled “Securing the Information and Communications Technology and Services Supply Chain.” Once finalized and effective, the regulations will govern the process and procedures that the Secretary of Commerce will use to determine whether certain transactions … Continue Reading
Last week, the FAR Council issued a Final Rule, setting forth new FAR provisions that require the reporting of certain counterfeit and suspect counterfeit parts and certain major or critical nonconformances to the Government – Industry Data Exchange Program (“GIDEP”).[1] This Final Rule comes more than five years after the rule was first proposed in … Continue Reading
A long-standing dispute over the approach to country of origin determinations under the Trade Agreements Act (“TAA”) may soon be resolved, as the Federal Circuit recently heard oral argument in one of two cases presently examining key aspects of this statute. Among other questions presented, the court may decide the standard for determining whether a … Continue Reading
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (“CISA”) Information and Communications Technology (“ICT”) Supply Chain Risk Management Task Force (the “Task Force”) recently released an interim public report. The report describes the Task Force’s efforts over the last year to develop recommendations for securing the Government’s supply chain, and outlines the potential … Continue Reading
Almost a year after Assistant Secretary of the Navy James Geurts issued his September 28, 2018 memorandum (Geurts Memo) imposing enhanced security controls on “critical” Navy programs, the Navy has issued an update to the Navy Marine Corps Acquisition Regulations Supplement (NMCARS) to implement those changes more formally across the Navy. Pursuant to this update, a new … Continue Reading
On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment. The CMMC was created in response to growing concerns by Congress and within DoD over the increased presence of cyber threats and intrusions aimed at the Defense Industrial … Continue Reading
The FAR Council released an Interim Rule in August implementing part of Section 889 of the John S. McCain National Defense Authorization Act for Fiscal Year 2019. In this briefing, we highlight points where the Interim Rule provides clarity; definitional issues that remain unresolved; and new procedural requirements that government contractors should track. The Interim … Continue Reading
On March 26, 2019, the Senate Armed Services’ Subcommittee on Cybersecurity held a hearing to receive testimony assessing how the Department of Defense’s (“DOD”) cybersecurity policies and regulations have affected the Defense Industrial Base (“DIB”). To gain a better understanding of the DIB’s cybersecurity concerns, the Subcommittee invited William LaPlante, Senior Vice President and General … Continue Reading
On the eve of the recent government shutdown over border security, Congress and the President were in agreement on a different issue of national security: mitigating supply chain risk. On December 21, 2018, the President signed into law the Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act (the “SECURE Technology Act”) (P.L. 115-390). … Continue Reading
