Department of Defense

Subscribe to Department of Defense via RSS

Remember in Coming to America when Eddie Murphy’s Prince Akeem shows up in Queens full of charm, optimism, and big dreams and somehow it all works out? Fast-forward 38 years (yes, it’s been that long) and European companies looking to sell into the US Department of Defense (DoD) and Department of Homeland Security supply chains will need much more than charm. Instead, they’ll need real strategy, a focused structure, and readiness for regulatory scrutiny that doesn’t end with an award notification. In the current climate, with a heightened domestic preference policy, new executive directives such as the “Prioritizing the Warfighter in Defense Contracting” executive order, and renewed focus on supply chain security and performance, it is essential for foreign companies and their counsel to clearly understand the terrain before landfall.Continue Reading Coming to America (the Government Contracting Edition): Ownership, Compliance, and Shifting Policy

The BIOSECURE Act in the FY 2026 NDAA is a quiet, sweeping shift in federal supply-chain enforcement that reaches beyond “biotech” and into the tools most companies barely think about like software, AI, data platforms, and third-party services used behind the scenes. As Alex Major and Franklin Turner write in The Government Contractor, BIOSECURE Act

The FY2026 National Defense Authorization Act (NDAA) became law on December 18, 2025, enacting a tidal wave of the Trump administration’s priorities with respect to Department of Defense (DoD) procurement. One key priority reflected in the NDAA is reducing compliance burdens so that (i) established DoD contractors are incentivized to pursue awards and (ii) more companies opt in to being a DoD contractor to grow the industrial base. Importantly, Section 1804 and Section 1806 of the NDAA take action on this priority by raising the dollar thresholds for complex domains of government contracting: the Cost Accounting Standards (CAS) and submission of certified cost or pricing data. While these changes are welcome developments, companies should be cognizant that a steady stream of compliance requirements remains even with these increased thresholds.Continue Reading Swept Away: FY2026 NDAA Updates to CAS and Certified Cost or Pricing Data Thresholds

On December 18, 2025, the Fiscal Year 2026 National Defense Authorization Act (FY2026 NDAA) became law. True to each year’s NDAA being a sprawling piece of legislation, the FY2026 NDAA contains many priorities of the current Administration. Nestled among its myriad provisions, federal grant recipients should take note of Section 230, the “Prohibition on Modification of Indirect Cost Rates for Institutions of Higher Education and Nonprofit Organization.” This section provides a speed bump for rapid changes to indirect cost rates for Department of Defense grantees and reflects congressional sympathy to grantee concerns, particularly those of institutes of higher education (IHEs).Continue Reading College Prep: What Colleges with DoD Grants Should Do Now Under the FY2026 NDAA

Drumroll, please. On November 7, 2025, the Department of Defense (DoD) released three memoranda signaling changes to its approach to procurement and Foreign Military Sales/Direct Commercial Sales in the years to come: “Unifying the Department’s Arms Transfer and Security Cooperation Enterprise to Improve Efficiency and Enable Burden-Sharing”; “Reforming the Joint Requirements Process to Accelerate Fielding of Warfighting Capabilities”; and “Transforming the Defense Acquisition System into the Warfighting Acquisition System to Accelerate Fielding of Urgently Needed Capabilities to Our Warriors.” The latter memorandum appends the DoD’s Acquisition Transformation Strategy (the Strategy), which is aimed at dramatically reforming how the DoD’s acquisition system operates with an eye toward increasing the speed and flexibility of DoD procurements and the acquisition workforce. This document begins the march toward sunsetting the existing Defense Acquisition System in favor of what is envisioned to be a more rapid and effective system designed to provide the DoD with the capabilities it needs to meet its mission requirements.Continue Reading The Drumbeat of Progress: DOD’s Acquisition Transformation Strategy

Here we are again. With federal funding for fiscal year 2025 lapsed, all government contractors now face potential stop work orders and financial disruptions. Below are key considerations and steps to mitigate potential risk and maximize cost recovery:Continue Reading Key Steps for Government Contractors During the Federal Shutdown

The DoD has finally crossed the CMMC finish line, but for contractors, the race is just beginning. With the Final Rule effective Nov. 10, award eligibility will hinge on a “current” CMMC status in SPRS, backed by annual affirmations and strict compliance. The next two months are critical for getting race-ready. In this Featured Comment

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed that contractors must continue complying with Revision 2 thanks to a previously issued class deviation. What does this mean in plain terms? The DoD is slowly pulling back the curtain on the next major shift in cybersecurity compliance. Still, the full prestige hasn’t happened yet.Continue Reading The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

In Part I of this series we introduced readers to what Controlled Unclassified Information (CUI) is understood to consist of under the CUI Program at 32 CFR pt. 2002, differentiating and safeguarding CUI, CUI Program Authority and Control, and CUI policy as promulgated under the U.S. Department of Defense CUI Program. (See 66 GC ¶

The U.S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) Program will become operational at some point in fiscal year 2025. In October, the DOD issued a Final Rule to address evolving cybersecurity requirements and cyber threats while defining the security controls that DOD intends defense contractors and subcontractors to implement. The program will require