Sequels are rarely better than the films that precede them, and yet, sometimes a story is just too compelling to be limited to just one film. At the tail end of a summer full of Hollywood sequels, the Department of Defense (DoD) released a long-gestating sequel of its own. On August 15, 2024, DoD published a Proposed Rule that would revise the DoD Federal Acquisition Regulation Supplement (DFARS) to implement Cybersecurity Maturity Model Certification (CMMC) 2.0 into DoD contracts in the near(ish) future. This follows a December 2023 Proposed Rule, discussed here, establishing the CMMC 2.0 requirements in broad strokes. In this latest Proposed Rule, DoD proposes several changes to the DFARS that would do the following:Continue Reading CMMC and DFARS 252.204-7021—Is the Sequel Better than the Original?

Johnny, rosin up your bow and play your fiddle hard
’Cause Hell’s broke loose in Georgia and the Devil deals the cards
And if you win, you get this shiny fiddle made of gold
But if you lose the Devil gets your soul
~ The Charlie Daniels Band

Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that would make “Old Scratch” proud. However, as most savvy contractors recognize, it’s all hiding in plain sight, with the devil in the details. Take, for example, the cybersecurity requirements found in the Federal Acquisition Regulations (FAR) at 52.204-21 and the Department of Defense (DoD) FAR Supplement (DFARS) at 252.204-7012, -7019, and -7020. These requirements have been the topic of countless articles, trainings, webinars, whole conferences, etc., so it is surprising while simultaneously not surprising that they form the basis of a federal False Claims Act (FCA) claim the Department of Justice (DOJ) recently filed in its complaint in intervention.Continue Reading DOJ Went Down to Georgia: Lessons Learned from Recent Cybersecurity Enforcement Actions

DOD released a final rule which updates the DFARS to address requirements outlined in Executive Order 14005, “Ensuring the Future is Made in All of America by All of America’s Workers.” Cara Wulf and Marcos Gonzalez explain the changes and what contractors should be aware of while making adjustments to their supply chains in order

China dominates the rare earth industry, accounting for approximately 60 percent of rare earth metal mining and approximately 90 percent of rare earth metal processing in 2023. In order to combat this near-monopoly and to limit supply chain vulnerabilities and risk to the US defense industry, a final Defense Federal Acquisition Regulation Supplement (DFARS) rule, published May 30, 2024, applies broader sourcing prohibitions to the language of DFARS 225.7018 and operative clause DFARS 252.225-7052 to prohibit the use and acquisition of magnets mined in China as of January 1, 2027.Continue Reading DOD Releases Final Rule Prohibiting the Acquisition of Certain Magnets from Nonaligned Foreign Nations

What do you think is going to be scarier—artificial intelligence (AI) or the government’s effort to regulate AI? On October 30, 2023, the White House issued Executive Order (E.O.) 14410, Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. As the federal government’s latest foray into harnessing AI, this E.O.—like those before it, generally—recognizes that AI offers extraordinary potential and promise, provided that it is harnessed responsibly to prevent the exacerbation of societal harms. Since E.O. 14410, there has been a flurry of activity in the federal government, including guidance and policies providing an indication of how agencies can/should/will harness AI to support agency objectives. While we are far from a situation similar to Skynet from the Terminator franchise or HAL 9000 from 2001: A Space Odyssey, the government’s accelerated activity to reap AI’s potential benefits far outpaces the provision of actionable guidance so contractors can understand and adapt to what will be required in offering AI products and services to the government. So let’s open the pod bay doors and explore…Continue Reading Executive Order 14410: An Artificial Intelligence Odyssey

On December 26, 2023, the Department of Defense (“DoD”) belatedly gifted defense contractors and subcontractors a Proposed Rule on the Cybersecurity Maturity Model Certification (“CMMC”) Program. DoD also released eight CMMC guidance documents, providing interested parties a one-two combo of what to expect under the Program. The Proposed Rule has already received over 100 comments. With commenting open until February 26, 2024, will DoD proceed with a final rule, or is the Proposed Rule a Groundhog Day scenario with DoD further delaying final implementation of the CMMC Program?Continue Reading DoD’s Proposed CMMC Rule: Groundhog Day… or a Final Rule in the Works?

On October 25, 2023, the Department of Defense (DoD) published a Proposed Rule amending the Department of Defense Federal Acquisition Regulation Supplement (DFARS) and permanently authorizing the DoD Mentor-Protégé Program (DoD MP Program). In addition, the Proposed Rule makes several changes to the program—the most prominent of which include (a) lowering barriers to entry and (b) adding additional benefits for prospective mentors and protégés. Before we dive in to the Proposed Rule, a brief history of the DoD MP Program is in order.Continue Reading DoD Mentor-Protégé Program Solidified under Proposed Rule

Like most businesses, government contractors are in the customer service field and have been conditioned to operate by the old adage that the “The customer is always right.” After all, the customer pays the bills, right? As a general matter, this is true. Uncle Sam is responsible for paying the bills submitted by contractors and—most of the time—payment arrives without issue. That said, there are circumstances in which the government refuses to pay for work performed. One of the more common reasons for such nonpayment is the government’s contention that the work at issue was “not authorized” under the operative contract, notwithstanding the fact that the contracting officer’s representative (COR) was well aware of the work being performed. There are, in fact, many decades of decisional law emanating from courts and boards of contract appeals relating to the nuances of this precise issue. This means that an untold (but stratospherically high) number of frustrated contractors have suffered very expensive battle scars trying to litigate their way to payment by convincing judges that the work performed actually was authorized by the appropriate government personnel. A recent publication by the Department of Defense (DoD) provides contractors with an important reminder as to how to avoid this costly fate.
Continue Reading “Respect My Authority!”—An Important Reminder as DoD Issues an Updated Guidebook for Contracting Officer Representatives

Unless you’ve been living under a rock or on a self-sustaining deserted island, the chances are high that you have become quite familiar with the term “inflation” (i.e., the rising costs of goods and services) over the past few years. Indeed, everything (from gasoline to gumballs and milk to movie tickets) appears to be more expensive as of late. Unfortunately, government contractors are not immune from this current economic reality. As most of us know all too well, many contracts that were negotiated and priced over the past 18 to 24 months are simply more expensive to perform now than was reasonably anticipated when bids were prepared.

In recognition of these soaring prices, the Department of Defense (DoD) issued a May 25, 2022, Memorandum titled “Guidance on Inflation and Economic Price Adjustments,” the purpose of which is to assist contracting officers (COs) in (i) navigating the impacts of inflation on existing contracts and (ii) managing downstream inflation risks on prospective contracts. Here are the key takeaways and our suggested courses of action to best protect your company’s bottom line:Continue Reading DoD Braces for Inflation: Guidance for Contractors Battling Rising Costs

The Cybersecurity Maturity Model Certification version 2.0 (CMMC 2.0) is here! Like a song you’ve heard before, the revised standards are a throwback but no less significant change to the standards that have evolved over the past three and a half years. McCarter & English Government Contracts and Global Trade co-leaders Alex Major and Franklin Turner detail the changes coming to federal contractors in a Feature Comment for Thomson Reuters’ The Government Contractor. Set against the recent Beatles documentary, the comment examines the impact of the Department of Defense’s most recent effort while detailing what contractors need to do before its new standards go into effect.
Continue Reading Get Back: DOD Retreats While Revealing Plans for CMMC 2.0