Alex Major is a contributing author to the Nuix 2018 Black Report: Decoding the Minds of Hackers, a unique report that engages professional hackers, penetration testers, and incident responders to understand the security threat landscape companies face. Alex, a former intelligence officer, focuses his chapter on why companies need to properly select and structure their cyber-threat intelligence solutions to ensure the analysts using the data can turn it into actionable intelligence for senior leadership.
The ASBCA Thunders to the Government: Do Your Job!
As most contractors know all too well, doing business with the Government can be quite frustrating. One of the most – if not the most – prominent sources of that frustration is that the Government often operates with a callous disregard for the laws and regulations that are supposed to dictate the course of play under the contracts to which it is a party. With its December 28, 2017 decision in Fluor Federal Solutions, LLC, ASBCA No. 61431-983, the Armed Services Board of Contract Appeals (“ASBCA” or “Board”) cast a searing spotlight on the Government’s dilatory conduct in the context of repeatedly failing to respond to a contractor’s claim. The facts are troubling:
Bracing for Impact: How Contractors Can Manage Their Risk During a Government Shutdown
As the potential for a Government shutdown gets closer to reality with each passing minute, United States Government contractors and subcontractors may soon find themselves in a confusing position as to what actions they should take in light of their existing contract obligations. In an effort to resolve that confusion, the Department of Defense has released guidance to be used by its elements and contracts in the event of a Government shutdown tonight. While directly applicable to Defense activities and constituent contracts, the guidance may assist other non-Defense contractors in addressing some of their questions or concerns.
National Defense Authorization Act FY 2018: Directions in Federal Software Acquisitions
On December 12, 2017, President Trump signed the $700 billion 2018 National Defense Authorization Act (“NDAA”) into law. Following negotiations between the House and Senate Armed Services Committees, the NDAA includes new provisions relating to software acquisition within Title VIII — Acquisition Policy, Acquisition Management, and Related Matters, Subtitle H, and the following five sections:
SEC. 871. Noncommercial Computer Software Acquisition Considerations.
SEC. 872. Defense Innovation Board Analysis of Software Acquisition Regulations.
SEC. 873. Pilot Program to Use Agile or Iterative Development Methods to Tailor Major Software-Intensive Warfighting Systems and Defense Business Systems.
SEC. 874. Software Development Pilot Program Using Agile Best Practices.
SEC. 875. Pilot Program for Open Source Software.
Lurking in the NIST—Why Federal Contractors May Be Misreading Their Cybersecurity Safeguarding Requirements
If your company sells products or services to the U.S. Government, there’s a substantial likelihood that you’ve read or heard the acronym “NIST” in connection with various cybersecurity-related obligations that the Government is imposing on contractors with a seemingly unceasing vengeance. NIST refers to the National Institute of Standards and Technology, which is a nonregulatory agency of the Department of Commerce, and which has the stated mission of promoting “U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.”
This article appeared in The Government Contractor publication.
Deconstructing Those Russia Sanctions – Metropolitan Corporate Counsel
On August 2, President Trump signed into law the Countering America’s Adversaries Through Sanctions Act (CAATS). What is the significance of the law?
Zlatko Hadzismajlovic: Many things stand out, but here are three that are foremost. First is the sheer number of members of Congress, on both sides of the aisle, who supported the legislation. It passed the House by a staggering margin and the Senate by a vote of 98-2. Second, the support in both houses, coupled with the Trump administration’s Russia predicament, made it obvious that the president wouldn’t have done himself any favors with a veto, as Congress had more than the requisite two-thirds to override. Third, this is really a wonderful example of the interplay of foreign policy authority accorded to Congress and the president via Articles I and II of the Constitution, respectively.
This article was published in Metropolitan Corporate Counsel.
GSA Technology Acquisitions: How Cybersecurity Threats and Cloud Services Are Changing the Way the Government Buys Technology from Commercial Companies
During the past few years, discussions in Washington, D.C. have intensified over the battle to modernize the Federal Government’s information technology (IT) systems. In May 2016, Representative Jason Chaffetz—Chairman of the Committee on Oversight and Government Reform in the U.S. House of Representatives—boldly stated that American “[t]axpayers deserve a government that leverages technology to serve them, rather than one that deploys unsecured, decades-old technology that places their sensitive and personal information at risk.”1 Within six months of coming into office, President Trump issued an Executive Order calling on the Government to “transform and modernize [Government] information technology and how [the Government] uses and delivers digital services.”2 These sweeping proclamations sound an increasingly familiar tune, often whistled by those who work for Uncle Sam at the highest levels—old technology wastes taxpayers’ dollars and leaves the Government more susceptible to cyberattacks.3 In fact, from 2006 through 2015, the number of reported security incidents in federal agencies increased by an astounding 1,303%.4 Against this alarming backdrop, the Government has grown ever more reliant upon commercial companies to assist in modernizing its IT systems.
This article was published in Briefing Papers publication.
House Wants Uncle Sam to Purchase COTS Items From Amazon and Other Online Sellers
The House version of the 2018 National Defense Authorization Act (“NDAA”) (passed July 14, 2017) includes key provisions that would radically change the way the Government purchases certain commercial items, and it may result in the extinction of large parts of the Federal Supply Schedules as we know them. Section 801 of the NDAA promotes Government-wide use of online commercial marketplaces (“online marketplaces”) such as Amazon, Staples, and Grainger for the acquisition of certain commercial off-the-shelf (“COTS”) items, defined as “commercial products” in the proposed legislation. If enacted, the NDAA would be a revolutionary development in the way the Government buys many of its products, allowing agencies to leapfrog over competitive bidding requirements and numerous mandatory clauses now included in Government contracts for commercial items.
Restricted Rights Under DFARS 252.227-7014: Practitioner Advice for Avoiding DoD Licensing Pitfalls
This article focuses on contractor licenses that grant “Restricted Rights” in “Noncommercial Software” to the federal Government under Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.227-7014. DFARS 252.227-7014 only applies to “Noncommercial Computer Software,” meaning software that is licensed to or developed for the Government, but that is not also licensed to the public. In contrast to the commercial world, where software licensors generally set the terms under which they wish to license their products, DFARS 252.227-7014 dictates such terms, and codifies required license grants for software developed for the U.S. Department of Defense (“DoD”). Under DFARS 252.227-7014, even if a licensor develops Noncommercial Software at private expense, the licensor must at least grant Restricted Rights to the Government — although title and ownership of the software always remain with the contractor licensor.
Sparring with CPARS: Some Tips on Avoiding and Curing Bad Past Performance Evaluations That Can Haunt and Jeopardize a Government Contractor’s Business for Years
Contractor past performance evaluations are important factors in source selection decisions under Parts 8 and 15 of the Federal Acquisition Regulation (“FAR”), and they can easily make or break a contractor’s federal customer base. Especially vulnerable are contractors competing in Lowest Price Technically Acceptable (“LPTA”) procurements, where a bad past performance rating can make contractors ineligible due to an “unacceptable” technical rating even though they may offer the lowest price. The submission by Government contracting officials of a contractor’s performance evaluation to the Contractor Performance Assessment Reporting System (“CPARS”) is required in most instances; however, the contractor’s remedies for correcting poor performance evaluations due to mistakes and material omissions by the evaluator are limited in both time and scope. And as the DoD’s Inspector General (“IG”) has repeatedly pointed out, most recently in its May 9, 2017 report, Summary of Audits on Assessing Contractor Performance (noting a large percentage of DoD performance assessment reports are late and not prepared correctly and accurately), mistakes often happen. Contractors looking to sustain their business in the federal marketplace need to be properly armed with the weapons available to challenge poor performance evaluations when the agency gets it wrong.
