Cybersecurity & Data Privacy

BLOG: Open-Source Software in Federal Procurements: The Good, the Bad, and the Ugly, Part 3 – The Ugly

January 29, 2020
By Isaias "Cy" Alba IV
Concluding our blog series on open-source software in the government market, it is time to turn to the darker side of things. We already discussed the "good" of open-source software for government buyers, and we walked through the "bad," explaining how some elements may conflict with federal laws or priorities. Now we will look at the "ugly" side of open-source software and how contractors can mitigate associated risks.

BLOG: Open-Source Software in Federal Procurements: The Good, the Bad, and the Ugly, Part 2 – The Bad

January 24, 2020
By Isaias "Cy" Alba IV
In the first post of this series, we discussed "the good" of open-source software and why federal buyers should find it attractive. However, when it comes to the federal government accepting open-source code with open arms, the reality is certainly more mixed. Faced with changing and technical regulations, government contractors need to know the major drawbacks of using open-source code in government contracts. In this second entry to our open-source series, we explore "the bad" impacts of open-source use in government contracting.

BLOG: DoD's Upcoming Cybersecurity Maturity Model Certification (CMMC): Still on Target?

January 10, 2020
By Jon Williams and Anna R. Wright
PilieroMazza has been blogging a lot over the past year about the Department of Defense's (DoD) highly anticipated CMMC. And there has been a lot to say, from the early stages of CMMC as a new "overarching standard," to its first public draft release, through its first major streamlining, and finally to its latest public draft release in early December 2019. The pace of developments is expected to increase in 2020 as DoD releases a compliance checklist, finalizes the certification standards, and begins accrediting third parties that will ultimately issue CMMCs to contractors. With CMMC expected to become a requirement of certain DoD contracts by the end of this fiscal year, CMMC truly is a game-changer for any government contractor working directly for DoD or in the DoD supply chain.

BLOG: Open-Source Software in Federal Procurements: The Good, the Bad, and the Ugly, Part 1 – The Good

January 2, 2020
By Isaias "Cy" Alba IV
Open-source code is all the rage. With developers at Fortune 500 companies and hobbyists alike using it to make better products and cut development costs, it is ubiquitous in the commercial market, and government contractors are catching the buzz. Faced with ever-evolving software regulations, though, they need facts before dealing with a federal buyer. In this short blog series, we will walk through the key benefits, drawbacks, and risks associated with use of open-source code in government contracting, especially at the federal level. Indeed, when it comes to the use of open-source software, all contractors should be aware of the "good," the "bad," and the "ugly."

BLOG: Cybersecurity Maturity Model Certification (CMMC): The Final Countdown

December 18, 2019
By David T. Shafer and Anna R. Wright
PilieroMazza recently wrote about the Department of Defense's (DoD) release of revision (rev.) 0.6 of its Cybersecurity Maturity Model Certification (CMMC), which only addressed certification Levels 1–3. DoD has now released rev. 0.7. All DoD contractors will be required to obtain CMMC certification in the coming months to show their IT systems' capabilities with respect to protecting DoD sensitive information. Rev. 0.7 gives updates at all Levels. Additionally, rev. 0.7 contains new discussion and clarifications for Levels 1–3 and for the application of maturity levels to different capability domains. Below, we decipher primary concerns for DoD contractors.
Please fill following information to download presentation

For Important Legal Updates and Resources on the Coronavirus Click Here.