Insights

Crowell & Moring’s Government Contracts Group invites government contractors to a webinar in which we address the most consequential sections of the FY 2024 National Defense Authorization Act. These include imposition of a new conflict of interest regime for government contractors with a connection to China, require government reporting to Congress on acquisition authorities and programs, and alter other processes and procedures to which government contractors are subject.

The Department of Defense (DOD) has released the highly anticipated proposed rule for the Cybersecurity Maturity Model Certification Program (CMMC). CMMC is a unified assessment model released by the DoD in response to the growing threat of cyberattacks and data theft from its supply chain vendors. As proposed, this program requires every Federal contractor that handles DoD sensitive data to comply with certain cybersecurity controls. CMMC will bring greater scrutiny to contractors’ cybersecurity compliance and greater risks associated with failure to comply. To achieve certification, you’re required to prove that your organization can meet a myriad of security control obligations, a process that can be daunting if you’re not familiar with the policies, procedures, and practices that may be required when the program is finalized.

The Office of Management and Budget (OMB) released Memorandum M-22-18, implementing software supply chain security requirements for federal agencies, and in turn, for government contractors providing software to the government.

Join our Crowell & Moring practitioners as they discuss deadlines approaching this summer and the applicability of OMB’s self-attestation requirements. Crowell will also provide practical insights in implementing the new software security standard, NIST SP 800-218, Secure Software Development Framework, and about completing the Cybersecurity Infrastructure Security Agency’s (CISA) draft Self-Attestation Form.