Photo of Alex Major

Mr. Major is a partner and co-leader of the firm’s Government Contracts & Export Controls Practice Group. Mr. Major focuses his practice on federal procurement, cybersecurity liability and risk management, and litigation. A prolific author and thought leader in the area of cybersecurity, his professional experience involves a wide variety of litigation and counseling matters dealing with procurement laws and federal regulations and standards . His diverse experience includes complex litigation in federal court under the qui tam provisions of the False Claims Act and bid protest actions. He counsels all sizes of companies on issues relating to compliance with government regulations including, among other things, cybersecurity (NIST, FIPS, FedRAMP, and DFARS) requirements, multiple award schedule compliance, Section 508 issues, country of origin requirements under the Buy American and Trade Agreements Acts, cost accounting, and small business requirements. He also regularly conducts internal investigations to assist companies ensure that they are in full compliance with the law.


So you want to acquire a government contractor? Makes sense, and you’re not alone. Over the past few years, the federal contracting landscape continues to evolve as a result of mergers and acquisitions (M&A), primarily involving the acquisition of small and midsize contractors by larger entities as a means to quickly expand into new federal markets. This trend is especially prevalent in the information technology (IT) market, where the acquisition of small or midsize IT firms with new capabilities can provide larger firms with shiny new toys to share with their roster of government clients to gain a larger share of the federal IT “pie,” if not create—almost overnight—new IT market leaders in areas such as cloud computing, cybersecurity, software, and predictive intelligence.


Continue Reading

As DOD continues to expand its supply chain cybersecurity demands on federal contractors, McCarter & English Government Contracts and Export Controls co-leaders Alex Major and Franklin Turner provide critical guidance for federal contractors in a two-part Feature Comment for Thomson Reuters’ The Government Contractor. In the comprehensive article they address not only the recent and

DoD’s recent efforts to address cybersecurity have caused confusion and chaos for Government contractors. As we all know, cybersecurity is an issue that is impossible to ignore, and the sobering reality is that compliance with federal cybersecurity requirements is critical to avoiding catastrophic liability. Recently, McCarter & English Government Contracts and Export Controls co-leaders Alex

Cough…cough…ahem…cough… Any contractor who has had the misfortune of dealing with the Defense Contract Audit Agency (DCAA) likely knows all too well that the agency is the Will Rogers of costs – it never met a cost it didn’t question.  Indeed, DCAA auditors typically question costs with reckless abandon and based often on a patent misreading of applicable regulations.  The net effect, of course, is that contractors have to expend significant time and money trying to explain to boards and courts why DCAA’s auditors are…uh…incorrect as a matter of fact and law.  A recent Memorandum for Regional Directors (MRD) provides some transparency into why this sort of thing happens with unfortunate regularity. Issued on May 14, 2019, the MRD (No. 19-PAC-002(R)), corrects…er…“revises” internal guidance issued in 2014 and 2015 relating to the identification of expressly unallowable costs.  The newly issued memo sets out DCAA’s current stance on identifying expressly unallowable costs under the cost principles codified at Federal Acquisition Regulation (FAR) Part 31 and Defense Federal Acquisition Regulation Supplement (DFARS) Part 231.  This MRD – like all MRDs – is intended to be used as a tool by well-meaning (but often overzealous) auditors when reviewing a contractor’s compliance with federal cost principles.  Contractors should, thus, pay careful attention to this MRD in order to be prepared for questions that may arise during DCAA-led frolics and detours.

Continue Reading

Cybersecurity. It’s never over, is it? In what can only be described as a “soft” release, the Department of Defense (DoD) has slowly and quietly begun to reveal its intent to provide federal contractors with formal cybersecurity certification as early as next year. The program, known as the Cybersecurity Maturity Model Certification (CMMC), is an effort to streamline the acquisition process by providing acquiring agencies and consenting contractors with more exacting cybersecurity requirements for forthcoming acquisitions.

Continue Reading

On May 22nd, Practice Group Co-Leaders Franklin Turner and Alexander Major delivered a presentation on Effectively Prosecuting Contract Claims Against the Government to attendees at the annual Native Hawaiian Organizations Association Business Summit in Honolulu, Hawaii. After the presentation, Franklin and Alex also hosted a legal Q&A session for contractors of all sizes.

On Dec. 4, 2018, the Federal Acquisition Regulatory Council finally released a proposed rule to implement changes to certain small business subcontracting regulations required by the 2013 National Defense Authorization Act (NDAA). 83 Fed. Reg. 62540 (Dec. 4, 2018). This is a welcome, if not long-overdue sign of progress. Over the last half-decade since the

Here we are again. Large swaths of the federal government have been closed since December 22 because Congress and the president cannot agree on legislation to fund the government. Nearly a million federal employees are not receiving their paychecks. Even larger numbers of government contractors are – as is often the case – left squarely at the bottom of the hill, dodging the boulders of political mismanagement that are raining down in a landslide of “stop-work” orders. For example, as has been reported, the Department of Homeland Security’s Federal Emergency Management Agency (FEMA) took affirmative steps to publicize and issue a “blanket” stop-work order on December 26 – the day after Christmas – giving many affected contractors a post-holiday cocktail of uncertainty and dread. Other agencies have followed suit, with the Departments of Justice, Agriculture, Commerce, Housing and Urban Development, Interior, State, Transportation, and Treasury issuing such orders over the past few weeks.

Continue Reading

The Demon: What an excellent day for an exorcism.
Father Karras: You would like that?
The Demon: Intensely.

Honestly, it was challenging finding an all-audiences quote from William Peter Blatty’s “The Exorcist,” but we believe that this quote is exactly what federal contractors need to know. Today is indeed an excellent day for an information system exorcism and, unlike Father Karras, federal contractors know the name of that which they must purge: Kaspersky Lab.


Continue Reading

Alex Major is a contributing author to the Nuix 2018 Black Report: Decoding the Minds of Hackers, a unique report that engages professional hackers, penetration testers, and incident responders to understand the security threat landscape companies face. Alex, a former intelligence officer, focuses his chapter on why companies need to properly select and structure their