Michael G. GrudenCIPP/G
Overview
Michael G. Gruden is a counsel in Crowell & Moring's Washington, D.C. office, where he is a member of the firm’s Government Contracts and Privacy and Cybersecurity groups. He possesses real-world experience in the areas of federal procurement and data security, having worked as a Contracting Officer at both the U.S. Department of Defense (DoD) and the U.S. Department of Homeland Security (DHS) in the Information Technology, Research & Development, and Security sectors for nearly 15 years. Michael is a Certified Information Privacy Professional with a U.S. government concentration (CIPP/G). He is also a Registered Practitioner under the Cybersecurity Maturity Model Certification (CMMC) framework. Michael serves as co-chair of the ABA Science & Technology Section's Homeland Security Committee. |
Career & Education
- Department of Defense
Branch Chief/Supervisory Contracting Officer, Washington Headquarters Services, Office of the Secretary of Defense, 2012–2017 - Department of Homeland Security
Contracting Officer, U.S. Immigration and Customs Enforcement, 2011–2012
Senior Contract Specialist, DHS Headquarters, 2005–2011
- Department of Defense
- Virginia Commonwealth University, B.A., Magna cum Laude With University Honors
- Georgetown University Law Center, J.D.
- District of Columbia
- New York
Michael's Insights
Speaking Engagement | 12.10.24
"Navigating Privacy in the Age of AI: Compliance Challenges in Highly Regulated Environments", Forrester Security & Risk Summit
Speaking Engagement | 11.21.24
Contracting Officer & General Counsel Perspectives on CMMC Supply Chain Security
Event | 11.19.24
Speaking Engagement | 11.19.24
"CMMC Finalized: How to Prepare & Achieve Certification," Crowell & Moring Seminar, Washington, D.C.
Representative Matters
Government Contracts
- Conducted internal investigations of government contractors, addressing a variety of issues relating to government contracts and regulations.
- Prepared clients for supply chain management audits and assessments including Contractor Purchasing System Reviews (CPSR).
- Assisted clients in suspension and debarment matters and drafted comprehensive responses to notices of proposed debarment.
- Represented government contractors in bid protests before the Government Accountability Office (GAO).
- Advised government contractors regarding organizational conflicts of interest and post-government employment restrictions.
Cybersecurity
- Engaged in longstanding partnerships with multiple defense contractors to devise compliance strategies for DFARS 252.204-7012, including routine gap assessments and subsequent remediation plans.
- Assisted major retailer with data breach notification reporting obligations and coordinated consumer and state notifications, as appropriate.
- Helped clients assess and comply with cyber incident reporting obligations under DFARS 252.204-7012.
- Conducted compliance assessments for clients and interpreted NIST SP 800-171 and NIST SP 800-53 regulatory requirements.
- Advised clients on cloud service provider requirements under DFARS 252.204-7012 and DFARS 252.239-7010.
- Counseled contractors regarding information security programs concentrating on Covered Defense Information (CDI), Controlled Unclassified Information (CUI), and Sensitive Security Information (SSI).
Michael's Insights
Speaking Engagement | 12.10.24
"Navigating Privacy in the Age of AI: Compliance Challenges in Highly Regulated Environments", Forrester Security & Risk Summit
Speaking Engagement | 11.21.24
Contracting Officer & General Counsel Perspectives on CMMC Supply Chain Security
Event | 11.19.24
Speaking Engagement | 11.19.24
"CMMC Finalized: How to Prepare & Achieve Certification," Crowell & Moring Seminar, Washington, D.C.
Insights
Critical Infrastructure: Updating the 2013 NIPP and other Risk Mitigation Actions
|05.14.24
Privacy and Cybersecurity Outlook: The 2024 Landscape
The Impact Of The Cybersecurity Maturity Model Certification On The Defense Industrial Base
|05.01.24
Contract Magazine
What Sections 9 And 10 Of The Executive Order On AI Mean For Government Contractors
|01.15.24
Federal News Network
Spy Games: Biden Administration Issues Executive Order Restricting Federal Use Of Commercial Spyware
|06.15.23
Government Contracting Law Report
Planning For The Uncertain: What To Watch And How To Prepare For CMMC
|05.23.23
Federal News Network
Cybersecurity Provisions Proliferate In The National Defense Authorization Act
|03.15.22
Government Contracting Law Report
"Navigating Privacy in the Age of AI: Compliance Challenges in Highly Regulated Environments", Forrester Security & Risk Summit
|12.10.24
"Government Contractor Tort Litigation, Legal Settlements and Regulatory Risks," U.S. Federal Government – Current Topics in Insurance and Risk Management for Federal Government Contractors, Zurich Insurance Group, Fort Belvoir, VA
|09.17.24
"US Federal Government Contractors and Cyber Resilience," U.S. Federal Government – Current Topics in Insurance and Risk Management for Federal Government Contractors, Zurich Insurance Group, Fort Belvoir, VA
|09.17.24
"Making CMMC 2.0 Requirements Work for Your Organization," NCMA World Congress 2024
|07.23.24
DoD ‘Fine Tunes’ Final CMMC Program Rule, Industry Turns Attention To Implementation
|10.18.24
Federal News Network
Companies Protecting Trade Secrets Should Consider Role of NIST’s Enhanced Security Requirements
|07.16.20
Crowell & Moring’s Trade Secrets Trends
- |
02.21.19
Crowell & Moring's Government Contracts Legal Forum
SEC Encourages Internal Accounting Controls to Guard Against Cyber Fraud
|11.08.18
Crowell & Moring's Data Law Insights
NIST Offers Insight Into Updated Risk Management Framework
|10.30.18
Crowell & Moring's Data Law Insights
New Internet of Things (IoT) NIST Draft Publication Provides Welcomed Guidance
|10.17.18
Crowell & Moring's Data Law Insights
Colorado’s New Data Privacy Bill Increases Notification and Safeguarding Requirements
|07.17.18
Crowell & Moring's Data Law Insights
- |
05.07.18
Crowell & Moring's Government Contracts Legal Forum
New Draft NIST Guidance on Systems Security Engineering
|04.24.18
Crowell & Moring's Government Contracts Legal Forum
Is Government Data at Risk? Study Finds Industry Cybersecurity Lagging Government
|02.26.18
Crowell & Moring's Data Law Insights
Michael's Insights
Speaking Engagement | 12.10.24
"Navigating Privacy in the Age of AI: Compliance Challenges in Highly Regulated Environments", Forrester Security & Risk Summit
Speaking Engagement | 11.21.24
Contracting Officer & General Counsel Perspectives on CMMC Supply Chain Security
Event | 11.19.24
Speaking Engagement | 11.19.24
"CMMC Finalized: How to Prepare & Achieve Certification," Crowell & Moring Seminar, Washington, D.C.