Insights

Professional
Practice
Industry
Region
Trending Topics
Location
Type

Sort by:

Client Alerts 35 results

Client Alert | 2 min read | 05.15.25

DoD Specifies Implementation Requirements for NIST 800-171 Cyber Standard

The Department of Defense (DoD) has released a memorandum establishing the DoD Organization-Defined Parameters (ODPs) for use in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 Revision (Rev) 3. Currently, DoD’s cybersecurity regimes require government contractors to comply with NIST SP 800-171 Rev. 2. However, the release of this memorandum may indicate DoD’s intention to soon incorporate Rev. 3 into DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (DFARS 7012) as well as the forthcoming Cybersecurity Maturity Model Certification (CMMC).
...

Client Alert | 6 min read | 04.18.25

Ready To Know Your Data? DOJ Issues Implementation and Enforcement Guidance for Data Security Program Protecting Bulk Sensitive Data

On April 11, 2025, the U.S. Department of Justice (DOJ) issued guidance regarding the implementation and enforcement of the newly enacted final rule, “Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons,” now referred to as the Data Security Program (DSP). The release included an Implementation and Enforcement Policy, a Compliance Guide, and Frequently Asked Questions (FAQs). Collectively, these documents are designed to help entities subject to the DSP understand and comply with the obligations set out under the Final Rule.
...

Client Alert | 4 min read | 04.01.25

For Better or MORSE: Another Settlement Under DOJ’s Civil Cyber-Fraud Initiative

On March 26, 2025, the Department of Justice (DOJ) announced that defense contractor MORSECORP Inc. (MORSE) will pay $4.6 million to settle allegations that MORSE violated the False Claims Act (FCA) by failing to comply with cybersecurity requirements and subsequently submitting false or fraudulent claims for payment in its contracts with the Departments of the Army and Air Force. This is the first FCA settlement that is based on a defense contractor’s failure to reevaluate and promptly update its self-assessment score in the Supplier Performance Risk System (SPRS) after a third-party assessment resulted in a lower score.
...

Publications 6 results

Publication | 01.28.25

Preparing for CMMC in 2025

After years of anticipation and a series of delays, implementation of the U.S. Department of Defense’s Cyber Maturity Model Certification Program (CMMC) is rapidly approaching. Though CMMC is not expected to enter into effect until early-to- mid 2025, DOD contactors can start taking steps now to ensure a smooth transition into this new regulatory era.
...

Publication | 01.28.25

Will Higher Education Institutions Face Enhanced Cybersecurity Requirements?

U.S. colleges and universities watched closely this summer when the DOJ, in a novel move, scrutinized the cybersecurity compliance of a research lab at an academic institution.
...

Webinars 5 results

Webinar | 02.20.25, 3:00 PM EST - 4:00 PM EST

Privacy and Cybersecurity Outlook: The 2025 Landscape

Crowell & Moring’s recent publication, The Privacy and Cybersecurity Outlook: The 2025 Landscape, offers clients forward-looking insights on the most significant trends impacting organizations worldwide.

Webinar | 01.27.25, 10:00 AM EST - 10:45 AM EST

Cyber For All: A FAR CUI Proposed Rule Webinar

The FAR Council recently released a proposed rule (the “FAR CUI Rule”) that would amend the FAR to implement federal government-wide Controlled Unclassified Information (CUI) cybersecurity, training, and incident reporting requirements for government contractors and subcontractors.  

Webinar | 01.18.24, 1:00 PM EST - 2:00 PM EST

The FY 2024 National Defense Authorization Act: Key Provisions for Government Contractors

Crowell & Moring’s Government Contracts Group invites government contractors to a webinar in which we address the most consequential sections of the FY 2024 National Defense Authorization Act. These include imposition of a new conflict of interest regime for government contractors with a connection to China, require government reporting to Congress on acquisition authorities and programs, and alter other processes and procedures to which government contractors are subject.

Speaking Engagements 6 results