Photo of Alex Major

Mr. Major is a partner and co-leader of the firm’s Government Contracts & Export Controls Practice Group. Mr. Major focuses his practice on federal procurement, cybersecurity liability and risk management, and litigation. A prolific author and thought leader in the area of cybersecurity, his professional experience involves a wide variety of litigation and counseling matters dealing with procurement laws and federal regulations and standards . His diverse experience includes complex litigation in federal court under the qui tam provisions of the False Claims Act and bid protest actions. He counsels all sizes of companies on issues relating to compliance with government regulations including, among other things, cybersecurity (NIST, FIPS, FedRAMP, and DFARS) requirements, multiple award schedule compliance, Section 508 issues, country of origin requirements under the Buy American and Trade Agreements Acts, cost accounting, and small business requirements. He also regularly conducts internal investigations to assist companies ensure that they are in full compliance with the law.

If your company sells products or services to the U.S. Government, there’s a substantial likelihood that you’ve read or heard the acronym “NIST” in connection with various cybersecurity related obligations that the Government is imposing on contractors with a seemingly unceasing vengeance. NIST refers to the National Institute of Standards and Technology, which is a

During the past few years, discussions in Washington, D.C. have intensified over the battle to modernize the Federal Government’s information technology (IT) systems. In May 2016, Representative Jason Chaffetz—Chairman of the Committee on Oversight and Government Reform in the U.S. House of Representatives—boldly stated that American “[t]axpayers deserve a government that leverages technology to serve

Following up on his repeated promises that the government will buy American and hire American, President Trump signed a Presidential Executive Order on Buy American and Hire American (the “Order”) on Tuesday, April 18, 2017, directing executive agencies to enhance acquisition preferences for domestic products and labor under federal contracts and federal grants. Federal contractors should note that the Order serves only as a blueprint for the administration’s intentions and imposes no immediate requirements. Those will follow — but in what form and to what degree, we can only guess. Contractors should prepare for those changes and be assured that – with respect to the Order’s impact on supply chains and contractor purchasing systems – the devil will indeed be in the details.

Continue Reading

It’s surprising how often the simplest phrases can provide the most salient advice. The 6 P’s,for example: Proper prior planning prevents poor performance. While the phrase may be a bit of a tortured alliteration, the truth and simplicity of its sentiment can’t be denied: When you want a good outcome, you have to think it through. Simple.

Continue Reading

If you are aware of German Christmas folklore (and really, who isn’t?), you know that Belsnickel is a legendary companion of St. Nick who carries a switch with which to punish naughty children and a pocketful of sweets to reward good ones. This holiday season, many are feeling the sting of a switch of another kind, this one involving the December 20, 2016, issuing by the National Institute of Standards and Technology (NIST) of a preholiday revision of Special Publication 800-171 (SP 800-171), Protecting Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations. If SP 800-171 sounds familiar, it is because the publication is the source of the cybersecurity controls that defense contractors must follow and flow down to subcontractors pursuant to DFARS Subpart 204.73 and its operative clauses (e.g., DFARS 252.204-7008 and DFARS 252.204-7012). Essentially accompanying St. Nick (perhaps Santa Clause may be more appropriate) this season, the NIST’s revised publication may resemble Belsnickel’s switch (pun intended) to contractors who already have existing SP 800-171 controls in place (as the controls have been required, in various forms, since November 2013) or who have started down the road toward SP 800-171 adherence in advance of the DFARS-directed December 2017 deadline. With that in mind, let’s take a quick look at the implications that switch (pun still intended) brings to the security requirements for protecting the confidentiality of CUI in nonfederal systems and organizations:

Continue Reading

Carrier. UTC. Boeing. Swamp-draining rhetoric. While many ponder what America can expect from the next administration, one thing is clear – it appears to have its eyes on government contractors. However, it is important for those eyes to study the volumes of acquisition regulations under which the government is required to operate when contracting with commercial companies. Accordingly, we thought it would be helpful to describe – through a series of explanations of 140 or fewer characters – why recent tweets about Boeing’s Air Force One contract do not reflect the current state of government contracts law and, in particular, the provisions governing termination of contracts.

Continue Reading

On August 8, 2016, the U.S. Office of Management and Budget (“OMB”) promulgated an Open Source Software (“OSS”) policy via the Memorandum for the Heads of Departments and Agencies, M-16-21 (“Memorandum” or “M-16-21”). The high-level purposes of the Memorandum are to promote reuse of federal contractor and employee custom-developed code, and to improve the quality of such software through public participation. To these ends, the Memorandum has two major directives: (1) all custom-developed code must be broadly available for reuse across the federal government subject to limited exceptions (e.g., for national security and defense) and (2) under a three-year pilot program, federal agencies are required to release at least 20% of their custom-developed code to the public as OSS. The intent here is to enable continual quality improvements to the code as a result of broader public community efforts. As discussed below, the requirement to release custom-developed code as OSS may effectively reduce the creator’s ownership rights, and have economic impacts on both the value of ownership and pricing when bidding on government contracts.

Continue Reading

New FAR Rules and U.S. Department of Labor Guidance Implement the Long-Anticipated (and Much-Dreaded) Fair Pay and Safe Workplaces Executive Order

Burdensome disclosure obligations, pay transparency, and other affirmative requirements as a condition of doing business with the federal government continue. Sound familiar? The trend continues with new Federal Acquisition Regulation (“FAR”) rules and accompanying U.S. Department of Labor (“DOL”) guidance issued on August 25, 2016, implementing the Fair Pay and Safe Workplaces Executive Order. In a nutshell – boiling down over 800 pages of rulemaking materials – the rules will soon require:


Continue Reading

The late, great Yogi Berra once said that “Baseball is 90 percent mental. The other half is physical.” Sometimes it seems as if Yogi’s logic is equally applicable to the claims process in the world of Government contracting, where 90 percent of the early battle is following the correct claim initiation procedures prescribed by the Contract Disputes Act (“CDA”), 41 U.S.C. §§ 7101-7109.

Continue Reading