On Dec. 26, 2023, DoD published a proposed rule implementing the CMMC Program (the Proposed Rule). The regulations come more than three years after the release of the initial CMMC regulations (November 2020) and two years after the Biden administration announced the revised “CMMC 2.0” program (January 2021). The Proposed Rule largely reflects the CMMC
Jeffery M. Chiow, Co-Chair of Greenberg Traurig's Government Contracts Practice, represents clients in litigation and government investigations related to government contracts, including federal and state bid protests and claims. Many of the bid protests that he litigates involve enterprise critical matters with billions of dollars at stake. Jeff has deep experience in the aerospace and defense sectors, as well as cybersecurity, technology services contracting, and schedule contracting. Prior to entering private practice, he was a U.S. Marine Corps weapons and sensors officer in the F/A-18D Hornet. This experience informs Jeff’s work with cutting-edge technology in the areas of space systems, cloud computing, weapons platforms and IT systems. Jeff also advises businesses on compliance matters, working with government contractors to develop tailored strategies for addressing complex business, legal, and regulatory issues. In particular, he is a recognized leader in the constantly-evolving area of cybersecurity, including compliance with DoD’s cyber and supply chain requirements and the CMMC initiative and related investigations and disclosures.
Jeff’s False Claims Act experience includes advising on alleged fraud involving federal grants, DOJ Civil Fraud investigations, and qui tam suits alleging hundreds of millions of dollars in damages. He conducts sensitive internal compliance investigations and counsels defense, health care, construction, and technology clients about potential civil and criminal liability as well as potential disclosure obligations.
In July 2023 the Biden administration announced the National Cybersecurity Strategy Implementation Plan, detailing how the government will advance the cyber strategy. The plan describes 65 initiatives to achieve the objectives laid out in the strategy, and several of them will impact federal contractors.
On May 10, 2023, the National Institutes of Standards and Technology (NIST) released Revision 3 to its foundational publication, 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. The publication provides guidelines for protecting sensitive unclassified information in contractor systems, and these guidelines establish the baseline cybersecurity requirements for federal defense contractors. …