Photo of Jonathan M. BakerPhoto of Lorraine M. CamposPhoto of Adelicia R. CliffePhoto of Stephanie CrawfordPhoto of Christopher D. GarciaPhoto of Rina GashawPhoto of Lyndsay GortonPhoto of Olivia LynchPhoto of John E. McCarthy Jr.Photo of Liam O'ReillyPhoto of Issac SchabesPhoto of Zachary SchroederPhoto of Allison SkagerPhoto of Abi StokesPhoto of M.Yuan Zhou

During December 2021, the House and Senate reached agreement on a compromise National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2022.  On December 23, 2021, Congress presented S. 1605 to President Biden, which he signed on December 27, 2021.

The FY2022 NDAA contains numerous provisions relating to acquisition policy—which provide new opportunities for government contractors, will result in the imposition of new clauses or reporting requirements on government contractors, require government reporting to Congress on acquisition authorities and programs, alter processes and/or procedures to which government contractors are subject, etc.  Crowell & Moring’s Government Contracts Group discusses the most consequential changes in the FY2022 NDAA for government contractors below.
Continue Reading National Defense Authorization Act for Fiscal Year 2022: Acquisition Policy Changes of Which Government Contractors Should Be Aware

Photo of Kate M. Growley, CIPP/G, CIPP/USPhoto of Evan D. Wolff

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this episode, hosts Evan Wolff and Kate Growley talk through the fundamental changes that the DoD has announced will be made under “CMMC 2.0.”

ListenCrowell.com | PodBean | SoundCloud | Apple

Photo of Christopher HebdonPhoto of Michael G. Gruden, CIPP/GPhoto of Maida Oringher LernerPhoto of Evan D. WolffPhoto of Kate M. Growley, CIPP/G, CIPP/US

The Department of Defense (DoD) recently announced significant changes to its Cybersecurity Maturity Model Certification (CMMC) program intended to simplify the requirements and ease the compliance burden on contractors.  Unlike its predecessor, the new CMMC 2.0 moves to three compliance levels rather than five; aligns the required security controls (known as practices) with National Institute

Photo of Evan D. WolffPhoto of Christopher Hebdon

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this episode, host Evan Wolff talks with Chris Hebdon about micro-purchases and the cybersecurity obligations that contractors may encounter in the performance of these small dollar contracts.

ListenCrowell.com | PodBean |

Photo of Peter J. EyrePhoto of Monica DiFonzo Sterling

This week’s episode covers the latest on the COVID vaccine requirement for contractors, cybersecurity updates, the DoD Climate Adaptation Plan, and a class deviation relating to certified cost or pricing data, and is hosted by Peter Eyre and Monica Sterling. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary

Photo of Kate M. Growley, CIPP/G, CIPP/US

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this final episode of a three-part series, host Kate Growley digests the current state of DFARS clause 252.204-7021 and what contractors should know about the Cybersecurity Maturity Model Certification (or CMMC).

Listen

Photo of Kate M. Growley, CIPP/G, CIPP/USPhoto of Evan D. Wolff

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this second episode of a three-part series, hosts Kate Growley and Evan Wolff overview the high points from the new DFARS clauses 252.204-7019 and -7020.

ListenCrowell.com | PodBean | SoundCloud |

Photo of Kate M. Growley, CIPP/G, CIPP/USPhoto of Caroline Brown

In this episode, host Kate Growley and Caroline Brown talk about the regulatory risks of violating sanctions and anti-money laundering laws when considering whether to make a payment to ransomware attackers. Those risks extend beyond the victims of the ransomware attack themselves to include ransomware insurance businesses, payment processors, and companies involved in digital forensics

Photo of Kate M. Growley, CIPP/G, CIPP/USPhoto of Evan D. WolffPhoto of Matthew B. Welling

In this episode, hosts Kate Growley and Evan Wolff talk with Matthew Welling about all things ransomware, including how to prepare for and respond to these kinds of incidents.  Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces.

ListenCrowell.com | PodBean