DoD Previews New Third-Party Cyber Certification Requirements
Client Alert | 1 min read | 06.17.19
The Department of Defense is moving closer to a third-party certification to ensure compliance with its standard cybersecurity requirements – what is being called the “Cybersecurity Maturity Model Certification” (CMMC). While still in the early stages of development, the CMMC would likely require all contractors subject to DFARS 252.204-7012 to obtain a certification issued by an independent third party stating that the contractor has sufficiently implemented its required cybersecurity controls. Holding this certification would be a “go/no-go” condition to compete for relevant DoD work. Although NIST SP 800-171 is the default cybersecurity standard currently required under -7012, DoD is also exploring the creation of a new standard that would govern the certification. DoD is projecting that the CMMC will start appearing in solicitations as early as Fall 2020, but much work remains to be done – including potential revisions to -7012 – and will no doubt be informed by extensive industry engagement.
Insights
Client Alert | 4 min read | 08.19.25
Forged Faces, Real Liability: Deepfake Laws Take Effect in Washington State and Pennsylvania
In the last few months, both Washington State and Pennsylvania enacted significant legislation addressing the malicious use of deepfakes—artificial intelligence-generated or manipulated media. These new laws reflect a growing national and state-level trend to regulate AI-generated content, especially when used to harm individuals or mislead the public.
Client Alert | 1 min read | 08.19.25
Client Alert | 3 min read | 08.18.25
FCPA Enforcement Continues to Evolve with Newly Unsealed Indictment
Client Alert | 3 min read | 08.18.25
Recent GAO Sustain Includes Valuable Lessons on Proposal Preparation and More